14 changed files with 1584 additions and 458 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/tigervnc-1.14.0.tar.gz
+SOURCES/tigervnc-1.13.1.tar.gz
--- a/.tigervnc.metadata
+++ b/.tigervnc.metadata
@ -1 +1 @@
-9e67944113159da85f42c24b43f40b842f23feb3 SOURCES/tigervnc-1.14.0.tar.gz
+6f7a23f14833f552c88523da1a5e102f3b8d35c2 SOURCES/tigervnc-1.13.1.tar.gz
--- a/SOURCES/10-libvnc.conf
+++ b/SOURCES/10-libvnc.conf
@ -12,7 +12,7 @@
 #EndSection
 #Section "Screen"
-#    Identifier "Screen0
+#    Identifier "Screen0"
 #    DefaultDepth 16
 #    Option "SecurityTypes" "VncAuth"
 #    Option "PasswordFile" "/root/.vnc/passwd"
--- a/SOURCES/tigervnc-add-missing-coma-in-default-security-type-list.patch
+++ b/SOURCES/tigervnc-add-missing-coma-in-default-security-type-list.patch
@ -1,24 +0,0 @@
 From 4f6a3521874da5a67fd746389cfa9b6199eb3582 Mon Sep 17 00:00:00 2001
 From: Pierre Ossman <ossman@cendio.se>
 Date: Mon, 29 Jul 2024 16:16:08 +0200
 Subject: [PATCH] Add missing comma in default security type list
 Otherwise it merges with the next entry, removing both of them from the
 default list.
 ---
 common/rfb/SecurityClient.cxx | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/common/rfb/SecurityClient.cxx b/common/rfb/SecurityClient.cxx
 index 12860662f..63e0cadc0 100644
 --- a/common/rfb/SecurityClient.cxx
 +++ b/common/rfb/SecurityClient.cxx
@@ -60,7 +60,7 @@ StringParameter SecurityClient::secTypes
  "X509Plain,TLSPlain,X509Vnc,TLSVnc,X509None,TLSNone,"
 #endif
 #ifdef HAVE_NETTLE
 - "RA2,RA2_256,RA2ne,RA2ne_256,DH,MSLogonII"
 + "RA2,RA2_256,RA2ne,RA2ne_256,DH,MSLogonII,"
 #endif
  "VncAuth,None",
 ConfViewer);
--- a/SOURCES/tigervnc-add-option-to-force-view-only-remote-connections.patch
+++ b/SOURCES/tigervnc-add-option-to-force-view-only-remote-connections.patch
--- a/SOURCES/tigervnc-correctly-handle-zrle-cursors.patch
+++ b/SOURCES/tigervnc-correctly-handle-zrle-cursors.patch
@ -1,29 +0,0 @@
 From 6d9017eeb364491cf2acdf1c7e61aee8dd198527 Mon Sep 17 00:00:00 2001
 From: Pierre Ossman <ossman@cendio.se>
 Date: Fri, 30 Aug 2024 16:15:09 +0200
 Subject: [PATCH] Correctly handle ZRLE cursors
 Cursor data has a depth of 32 bits and hence cannot use CPIXELs.
 This is a regression from baca73d.
 ---
 common/rfb/ZRLEDecoder.cxx | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 diff --git a/common/rfb/ZRLEDecoder.cxx b/common/rfb/ZRLEDecoder.cxx
 index 474fd6ca1..e274a697a 100644
 --- a/common/rfb/ZRLEDecoder.cxx
 +++ b/common/rfb/ZRLEDecoder.cxx
@@ -125,10 +125,10 @@ void ZRLEDecoder::zrleDecode(const Rect& r, rdr::InStream* is,
   Pixel maxPixel = pf.pixelFromRGB((uint16_t)-1, (uint16_t)-1, (uint16_t)-1);
   bool fitsInLS3Bytes = maxPixel < (1<<24);
   bool fitsInMS3Bytes = (maxPixel & 0xff) == 0;
 -  bool isLowCPixel = (sizeof(T) == 4) &&
 +  bool isLowCPixel = (sizeof(T) == 4) && (pf.depth <= 24) &&
                      ((fitsInLS3Bytes && pf.isLittleEndian()) ||
                       (fitsInMS3Bytes && pf.isBigEndian()));
 -  bool isHighCPixel = (sizeof(T) == 4) &&
 +  bool isHighCPixel = (sizeof(T) == 4) && (pf.depth <= 24) &&
                       ((fitsInLS3Bytes && pf.isBigEndian()) ||
                        (fitsInMS3Bytes && pf.isLittleEndian()));
--- a/SOURCES/tigervnc-dont-install-appstream-metadata-file.patch
+++ b/SOURCES/tigervnc-dont-install-appstream-metadata-file.patch
@ -0,0 +1,51 @@
 diff --git a/po/CMakeLists.txt b/po/CMakeLists.txt
 index 052cfb3..c84fb0e 100644
 --- a/po/CMakeLists.txt
 +++ b/po/CMakeLists.txt
@@ -14,7 +14,6 @@ if (GETTEXT_XGETTEXT_EXECUTABLE)
     ${PROJECT_SOURCE_DIR}/vncviewer/*.h
     ${PROJECT_SOURCE_DIR}/vncviewer/*.cxx
     ${PROJECT_SOURCE_DIR}/vncviewer/*.desktop.in.in
 -    ${PROJECT_SOURCE_DIR}/vncviewer/*.metainfo.xml.in
   )
   add_custom_target(translations_update
 diff --git a/vncviewer/CMakeLists.txt b/vncviewer/CMakeLists.txt
 index 15eac66..450b732 100644
 --- a/vncviewer/CMakeLists.txt
 +++ b/vncviewer/CMakeLists.txt
@@ -100,34 +100,6 @@ if(UNIX)
   add_custom_target(desktop ALL DEPENDS vncviewer.desktop)
   install(FILES ${CMAKE_CURRENT_BINARY_DIR}/vncviewer.desktop DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/applications)
 -  if("${GETTEXT_VERSION_STRING}" VERSION_GREATER 0.19.6)
 -    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
 -      COMMAND ${GETTEXT_MSGFMT_EXECUTABLE}
 -                --xml --template ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
 -                -d ${CMAKE_SOURCE_DIR}/po -o org.tigervnc.vncviewer.metainfo.xml
 -      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
 -    )
 -  elseif(INTLTOOL_MERGE_EXECUTABLE)
 -    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
 -      COMMAND sed -e 's@<name>@<_name>@\;s@</name>@</_name>@'
 -                  -e 's@<summary>@<_summary>@\;s@</summary>@</_summary>@'
 -                  -e 's@<caption>@<_caption>@\;s@</caption>@</_caption>@'
 -                  -e 's@<p>@<_p>@g\;s@</p>@</_p>@g'
 -                ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in > org.tigervnc.vncviewer.metainfo.xml.intl
 -      COMMAND ${INTLTOOL_MERGE_EXECUTABLE}
 -                -x ${CMAKE_SOURCE_DIR}/po
 -                org.tigervnc.vncviewer.metainfo.xml.intl org.tigervnc.vncviewer.metainfo.xml
 -      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
 -    )
 -  else()
 -    add_custom_command(OUTPUT org.tigervnc.vncviewer.metainfo.xml
 -      COMMAND cp ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in org.tigervnc.vncviewer.metainfo.xml
 -      DEPENDS ${CMAKE_CURRENT_SOURCE_DIR}/org.tigervnc.vncviewer.metainfo.xml.in
 -    )
 -  endif()
 -  add_custom_target(appstream ALL DEPENDS org.tigervnc.vncviewer.metainfo.xml)
 -  install(FILES ${CMAKE_CURRENT_BINARY_DIR}/org.tigervnc.vncviewer.metainfo.xml DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/metainfo)
 -
   foreach(res 16 22 24 32 48 64 128)
     install(FILES ../media/icons/tigervnc_${res}.png DESTINATION ${CMAKE_INSTALL_FULL_DATADIR}/icons/hicolor/${res}x${res}/apps RENAME tigervnc.png)
   endforeach()
--- a/SOURCES/tigervnc-handle-existing-config-directory-in-vncpasswd.patch
+++ b/SOURCES/tigervnc-handle-existing-config-directory-in-vncpasswd.patch
@ -1,27 +0,0 @@
 From 445e0230cf4e939dcc59caf5d5f001c2f7b04da6 Mon Sep 17 00:00:00 2001
 From: Pierre Ossman <ossman@cendio.se>
 Date: Thu, 15 Aug 2024 14:24:42 +0200
 Subject: [PATCH] Handle existing config directory in vncpasswd
 This fixes commit a79c33d.
 ---
 unix/vncpasswd/vncpasswd.cxx | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
 diff --git a/unix/vncpasswd/vncpasswd.cxx b/unix/vncpasswd/vncpasswd.cxx
 index 6666955f1..9f794e129 100644
 --- a/unix/vncpasswd/vncpasswd.cxx
 +++ b/unix/vncpasswd/vncpasswd.cxx
@@ -213,8 +213,10 @@ int main(int argc, char** argv)
       exit(1);
     }
     if (os::mkdir_p(configDir, 0777) == -1) {
 -      fprintf(stderr, "Could not create VNC config directory: %s\n", strerror(errno));
 -      exit(1);
 +      if (errno != EEXIST) {
 +        fprintf(stderr, "Could not create VNC config directory: %s\n", strerror(errno));
 +        exit(1);
 +      }
     }
     snprintf(fname, sizeof(fname), "%s/passwd", configDir);
   }
--- a/SOURCES/tigervnc-support-username-alias-in-plainusers.patch
+++ b/SOURCES/tigervnc-support-username-alias-in-plainusers.patch
@ -0,0 +1,135 @@
 diff --git a/common/rfb/SSecurityPlain.cxx b/common/rfb/SSecurityPlain.cxx
 index 6f65e87..3142ba3 100644
 --- a/common/rfb/SSecurityPlain.cxx
 +++ b/common/rfb/SSecurityPlain.cxx
@@ -27,6 +27,8 @@
 #include <rdr/InStream.h>
 #if !defined(WIN32) && !defined(__APPLE__)
 #include <rfb/UnixPasswordValidator.h>
 +#include <unistd.h>
 +#include <pwd.h>
 #endif
 #ifdef WIN32
 #include <rfb/WinPasswdValidator.h>
@@ -45,21 +47,22 @@ StringParameter PasswordValidator::plainUsers
 bool PasswordValidator::validUser(const char* username)
 {
 -  CharArray users(plainUsers.getValueStr()), user;
 +  std::vector<std::string> users;
 -  while (users.buf) {
 -    strSplit(users.buf, ',', &user.buf, &users.buf);
 -#ifdef WIN32
 -    if (0 == stricmp(user.buf, "*"))
 -	  return true;
 -    if (0 == stricmp(user.buf, username))
 -	  return true;
 -#else
 -    if (!strcmp(user.buf, "*"))
 -	  return true;
 -    if (!strcmp(user.buf, username))
 -	  return true;
 +  users = split(plainUsers, ',');
 +
 +  for (size_t i = 0; i < users.size(); i++) {
 +    if (users[i] == "*")
 +      return true;
 +#if !defined(WIN32) && !defined(__APPLE__)
 +    if (users[i] == "%u") {
 +      struct passwd *pw = getpwnam(username);
 +      if (pw && pw->pw_uid == getuid())
 +        return true;
 +    }
 #endif
 +    if (users[i] == username)
 +      return true;
   }
   return false;
 }
 diff --git a/common/rfb/util.cxx b/common/rfb/util.cxx
 index 649eb0b..cce73a0 100644
 --- a/common/rfb/util.cxx
 +++ b/common/rfb/util.cxx
@@ -99,6 +99,26 @@ namespace rfb {
     return false;
   }
 +  std::vector<std::string> split(const char* src,
 +                                 const char delimiter)
 +  {
 +    std::vector<std::string> out;
 +    const char *start, *stop;
 +
 +    start = src;
 +    do {
 +      stop = strchr(start, delimiter);
 +      if (stop == NULL) {
 +        out.push_back(start);
 +      } else {
 +        out.push_back(std::string(start, stop-start));
 +        start = stop + 1;
 +      }
 +    } while (stop != NULL);
 +
 +    return out;
 +  }
 +
   bool strContains(const char* src, char c) {
     int l=strlen(src);
     for (int i=0; i<l; i++)
 diff --git a/common/rfb/util.h b/common/rfb/util.h
 index f0ac9ef..ed15c28 100644
 --- a/common/rfb/util.h
 +++ b/common/rfb/util.h
@@ -27,6 +27,9 @@
 #include <limits.h>
 #include <string.h>
 +#include <string>
 +#include <vector>
 +
 struct timeval;
 #ifdef __GNUC__
@@ -76,6 +79,10 @@ namespace rfb {
   // that part of the string.  Obviously, setting both to 0 is not useful...
   bool strSplit(const char* src, const char limiter, char** out1, char** out2, bool fromEnd=false);
 +  // Splits a string with the specified delimiter
 +  std::vector<std::string> split(const char* src,
 +                                 const char delimiter);
 +
   // Returns true if src contains c
   bool strContains(const char* src, char c);
 diff --git a/unix/x0vncserver/x0vncserver.man b/unix/x0vncserver/x0vncserver.man
 index c36ae34..78db730 100644
 --- a/unix/x0vncserver/x0vncserver.man
 +++ b/unix/x0vncserver/x0vncserver.man
@@ -125,8 +125,8 @@ parameter instead.
 .B \-PlainUsers \fIuser-list\fP
 A comma separated list of user names that are allowed to authenticate via
 any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP
 -to allow any user to authenticate using this security type. Default is to
 -deny all users.
 +to allow any user to authenticate using this security type. Specify \fB%u\fP
 +to allow the user of the server process. Default is to deny all users.
 .
 .TP
 .B \-pam_service \fIname\fP, \-PAMService \fIname\fP
 diff --git a/unix/xserver/hw/vnc/Xvnc.man b/unix/xserver/hw/vnc/Xvnc.man
 index ea87dea..e9fb654 100644
 --- a/unix/xserver/hw/vnc/Xvnc.man
 +++ b/unix/xserver/hw/vnc/Xvnc.man
@@ -200,8 +200,8 @@ parameter instead.
 .B \-PlainUsers \fIuser-list\fP
 A comma separated list of user names that are allowed to authenticate via
 any of the "Plain" security types (Plain, TLSPlain, etc.). Specify \fB*\fP
 -to allow any user to authenticate using this security type. Default is to
 -deny all users.
 +to allow any user to authenticate using this security type. Specify \fB%u\fP
 +to allow the user of the server process. Default is to deny all users.
 .
 .TP
 .B \-pam_service \fIname\fP, \-PAMService \fIname\fP
--- a/SOURCES/tigervnc-use-dup-to-get-available-fd-for-inetd.patch
+++ b/SOURCES/tigervnc-use-dup-to-get-available-fd-for-inetd.patch
@ -0,0 +1,17 @@
 diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
 index f8141959..c5c36539 100644
 --- a/unix/xserver/hw/vnc/xvnc.c
 +++ b/unix/xserver/hw/vnc/xvnc.c
@@ -366,8 +366,10 @@ ddxProcessArgument(int argc, char *argv[], int i)
     if (strcmp(argv[i], "-inetd") == 0) {
         int nullfd;
 -        dup2(0, 3);
 -        vncInetdSock = 3;
 +        if ((vncInetdSock = dup(0)) == -1)
 +            FatalError
 +                ("Xvnc error: failed to allocate a new file descriptor for -inetd: %s\n", strerror(errno));
 +
         /* Avoid xserver >= 1.19's epoll-fd becoming fd 2 / stderr only to be
            replaced by /dev/null by OsInit() because the pollfd is not
--- a/SOURCES/tigervnc-vncsession-move-existing-log-to-log-old-if-present.patch
+++ b/SOURCES/tigervnc-vncsession-move-existing-log-to-log-old-if-present.patch
--- a/SOURCES/tigervnc-xserver120.patch
+++ b/SOURCES/tigervnc-xserver120.patch
@ -1,39 +1,43 @@
-diff --git a/configure.ac b/configure.ac
+diff -up xserver/configure.ac.xserver116-rebased xserver/configure.ac
-index 0909cc5b4..c01873200 100644
+--- xserver/configure.ac.xserver116-rebased	2016-09-29 13:14:45.595441590 +0200
--- a/configure.ac
+++ xserver/configure.ac	2016-09-29 13:14:45.631442006 +0200
 +++ b/configure.ac
@@ -74,6 +74,7 @@ dnl forcing an entire recompile.x
 AC_CONFIG_HEADERS(include/version-config.h)
- 
+
 AM_PROG_AS
 +AC_PROG_CXX
 AC_PROG_LN_S
 LT_PREREQ([2.2])
 LT_INIT([disable-static win32-dll])
-@@ -1735,6 +1736,14 @@ if test "x$XVFB" = xyes; then
+@@ -1863,6 +1864,10 @@ if test "x$XVFB" = xyes; then
 	AC_SUBST([XVFB_SYS_LIBS])
 fi
- 
+
 +dnl Xvnc DDX
 +AC_SUBST([XVNC_CPPFLAGS], ["-DHAVE_DIX_CONFIG_H $XSERVER_CFLAGS"])
 +AC_SUBST([XVNC_LIBS], ["$FB_LIB $FIXES_LIB $XEXT_LIB $CONFIG_LIB $DBE_LIB $RECORD_LIB $GLX_LIBS $RANDR_LIB $RENDER_LIB $DAMAGE_LIB $DRI3_LIB $PRESENT_LIB $MIEXT_SYNC_LIB $MIEXT_DAMAGE_LIB $MIEXT_SHADOW_LIB $XI_LIB $XKB_LIB $XKB_STUB_LIB $COMPOSITE_LIB $MAIN_LIB"])
 +AC_SUBST([XVNC_SYS_LIBS], ["$GLX_SYS_LIBS"])
-+
+
 +PKG_CHECK_MODULES(GBM, "$LIBGBM", [GBM=yes], [GBM=no])
 +if test "x$GBM" = xyes; then
 +	AC_DEFINE(HAVE_GBM, 1, [Have GBM support])
 +fi
 dnl Xnest DDX
- 
+
-@@ -2058,7 +2067,6 @@ if test "x$GLAMOR" = xyes; then
+@@ -1898,6 +1903,8 @@ if test "x$XORG" = xauto; then
- 			 [AC_DEFINE(GLAMOR_HAS_EGL_QUERY_DRIVER, 1, [Have GLAMOR_HAS_EGL_QUERY_DRIVER])],
+ fi
- 			 [])
+ AC_MSG_RESULT([$XORG])
- 
+
-	PKG_CHECK_MODULES(GBM, "$LIBGBM", [GBM=yes], [GBM=no])
+AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
- 	if test "x$GBM" = xyes; then
+
- 		AC_DEFINE(GLAMOR_HAS_GBM, 1,
+ if test "x$XORG" = xyes; then
- 			  [Build glamor with GBM-based EGL support])
+ 	XORG_DDXINCS='-I$(top_srcdir)/hw/xfree86 -I$(top_srcdir)/hw/xfree86/include -I$(top_srcdir)/hw/xfree86/common'
-@@ -2523,6 +2531,7 @@ hw/dmx/Makefile
+ 	XORG_OSINCS='-I$(top_srcdir)/hw/xfree86/os-support -I$(top_srcdir)/hw/xfree86/os-support/bus -I$(top_srcdir)/os'
@@ -2116,7 +2123,6 @@ if test "x$XORG" = xyes; then
 	AC_DEFINE(XORG_SERVER, 1, [Building Xorg server])
 	AC_DEFINE(XORGSERVER, 1, [Building Xorg server])
 	AC_DEFINE(XFree86Server, 1, [Building XFree86 server])
 -	AC_DEFINE_UNQUOTED(XORG_VERSION_CURRENT, [$VENDOR_RELEASE], [Current Xorg version])
 	AC_DEFINE(NEED_XF86_TYPES, 1, [Need XFree86 typedefs])
 	AC_DEFINE(NEED_XF86_PROTOTYPES, 1, [Need XFree86 helper functions])
 	AC_DEFINE(__XSERVERNAME__, "Xorg", [Name of X server])
@@ -2691,6 +2697,7 @@ hw/dmx/Makefile
 hw/dmx/man/Makefile
 hw/vfb/Makefile
 hw/vfb/man/Makefile
@ -41,98 +45,47 @@ index 0909cc5b4..c01873200 100644
 hw/xnest/Makefile
 hw/xnest/man/Makefile
 hw/xwin/Makefile
-diff --git a/dri3/Makefile.am b/dri3/Makefile.am
+diff -up xserver/hw/Makefile.am.xserver116-rebased xserver/hw/Makefile.am
-index e47a734e0..99c3718a5 100644
+--- xserver/hw/Makefile.am.xserver116-rebased	2016-09-29 13:14:45.601441659 +0200
--- a/dri3/Makefile.am
+++ xserver/hw/Makefile.am	2016-09-29 13:14:45.631442006 +0200
-+++ b/dri3/Makefile.am
+@@ -38,7 +38,8 @@ SUBDIRS =			\
-@@ -1,7 +1,7 @@
+ 	$(DMX_SUBDIRS)		\
- noinst_LTLIBRARIES = libdri3.la
+ 	$(KDRIVE_SUBDIRS)	\
- AM_CFLAGS = \
+ 	$(XQUARTZ_SUBDIRS)	\
-	-DHAVE_XORG_CONFIG_H \
+-	$(XWAYLAND_SUBDIRS)
-	@DIX_CFLAGS@ @XORG_CFLAGS@
+	$(XWAYLAND_SUBDIRS)	\
-+	@DIX_CFLAGS@ \
+	vnc
 +	@LIBDRM_CFLAGS@
- libdri3_la_SOURCES = \
+ DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive xwayland
- 	dri3.h \
+
-diff --git a/dri3/dri3.c b/dri3/dri3.c
+diff --git xserver/mi/miinitext.c xserver/mi/miinitext.c
-index ba32facd7..191252969 100644
+index 5596e21..003fc3c 100644
--- a/dri3/dri3.c
+--- xserver/mi/miinitext.c
-+++ b/dri3/dri3.c
+++ xserver/mi/miinitext.c
-@@ -20,10 +20,6 @@
+@@ -107,8 +107,15 @@ SOFTWARE.
-  * OF THIS SOFTWARE.
+ #include "os.h"
-  */
+ #include "globals.h"
- 
+
-#ifdef HAVE_XORG_CONFIG_H
+#ifdef TIGERVNC
-#include <xorg-config.h>
+extern void vncExtensionInit(INITARGS);
-#endif
+#endif
 -
 #include "dri3_priv.h"
 #include <drm_fourcc.h>
 diff --git a/dri3/dri3_priv.h b/dri3/dri3_priv.h
 index b087a9529..f319d1770 100644
 --- a/dri3/dri3_priv.h
 +++ b/dri3/dri3_priv.h
@@ -23,6 +23,7 @@
 #ifndef _DRI3PRIV_H_
 #define _DRI3PRIV_H_
 +#include "dix-config.h"
 #include <X11/X.h>
 #include "scrnintstr.h"
 #include "misc.h"
 diff --git a/dri3/dri3_request.c b/dri3/dri3_request.c
 index 958877efa..687168930 100644
 --- a/dri3/dri3_request.c
 +++ b/dri3/dri3_request.c
@@ -20,10 +20,6 @@
  * OF THIS SOFTWARE.
  */
 -#ifdef HAVE_XORG_CONFIG_H
 -#include <xorg-config.h>
 -#endif
 -
 #include "dri3_priv.h"
 #include <syncsrv.h>
 #include <unistd.h>
 diff --git a/dri3/dri3_screen.c b/dri3/dri3_screen.c
 index b98259753..3c7e5bf60 100644
 --- a/dri3/dri3_screen.c
 +++ b/dri3/dri3_screen.c
@@ -20,10 +20,6 @@
  * OF THIS SOFTWARE.
  */
 -#ifdef HAVE_XORG_CONFIG_H
 -#include <xorg-config.h>
 -#endif
 -
 #include "dri3_priv.h"
 #include <syncsdk.h>
 #include <misync.h>
 diff --git a/hw/Makefile.am b/hw/Makefile.am
 index 19895dc77..3ecfa8b7a 100644
 --- a/hw/Makefile.am
 +++ b/hw/Makefile.am
@@ -44,3 +44,5 @@ DIST_SUBDIRS = dmx xfree86 vfb xnest xwin xquartz kdrive xwayland
 relink:
 	$(AM_V_at)for i in $(SUBDIRS) ; do $(MAKE) -C $$i relink || exit 1 ; done
 +
-+SUBDIRS += vnc
+ /* List of built-in (statically linked) extensions */
-diff --git a/include/dix-config.h.in b/include/dix-config.h.in
+ static const ExtensionModule staticExtensions[] = {
-index f8fc67067..d53c4e72f 100644
+#ifdef TIGERVNC
--- a/include/dix-config.h.in
+    {vncExtensionInit, "VNC-EXTENSION", NULL},
-+++ b/include/dix-config.h.in
+#endif
-@@ -83,6 +83,9 @@
+     {GEExtensionInit, "Generic Event Extension", &noGEExtension},
- /* Define to 1 if you have the <fcntl.h> header file. */
+     {ShapeExtensionInit, "SHAPE", NULL},
- #undef HAVE_FCNTL_H
+ #ifdef MITSHM
- 
+--- xserver/include/os.h~	2016-10-03 09:07:29.000000000 +0200
-+/* Have GBM support */
+++ xserver/include/os.h	2016-10-03 14:13:00.013654506 +0200
-+#undef HAVE_GBM
+@@ -621,7 +621,7 @@
-+
+ extern _X_EXPORT void
- /* Define to 1 if you have the `getdtablesize' function. */
+ LogClose(enum ExitCode error);
- #undef HAVE_GETDTABLESIZE
+ extern _X_EXPORT Bool
- 
+-LogSetParameter(LogParameter param, int value);
 +LogSetParameter(enum _LogParameter param, int value);
 extern _X_EXPORT void
 LogVWrite(int verb, const char *f, va_list args)
 _X_ATTRIBUTE_PRINTF(2, 0);
--- a/SOURCES/xvnc.service
+++ b/SOURCES/xvnc.service
@ -32,7 +32,7 @@
 Description=XVNC Per-Connection Daemon
 [Service]
-ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None
+ExecStart=-/usr/bin/Xvnc -inetd -query localhost -geometry 1024x768 -depth 24 -once -SecurityTypes=None -Log *:syslog:30
 User=nobody
 StandardInput=socket
 StandardError=syslog
--- a/SPECS/tigervnc.spec
+++ b/SPECS/tigervnc.spec
@ -4,13 +4,13 @@
 %global modulename vncsession
 Name:           tigervnc
-Version:        1.14.0
+Version:        1.13.1
-Release:        2%{?dist}
+Release:        14%{?dist}
 Summary:        A TigerVNC remote display system
 %global _hardened_build 1
-License:        GPL-2.0-or-later
+License:        GPLv2+
 URL:            http://www.tigervnc.com
 Source0:        %{name}-%{version}.tar.gz
@ -24,13 +24,13 @@ Source5:        vncserver
 # Downstream patches
 Patch1:         tigervnc-use-gnome-as-default-session.patch
 Patch2:         tigervnc-vncsession-restore-script-systemd-service.patch
 Patch3:         tigervnc-dont-install-appstream-metadata-file.patch
 # Upstream patches
-Patch50:        tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
+Patch50:        tigervnc-support-username-alias-in-plainusers.patch
-Patch51:        tigervnc-add-missing-coma-in-default-security-type-list.patch
+Patch51:        tigervnc-use-dup-to-get-available-fd-for-inetd.patch
-Patch52:        tigervnc-vncsession-move-existing-log-to-log-old-if-present.patch
+Patch52:        tigervnc-add-option-to-force-view-only-remote-connections.patch
-Patch53:        tigervnc-handle-existing-config-directory-in-vncpasswd.patch
+Patch53:        tigervnc-vncsession-use-bin-sh-when-shell-not-set.patch
 Patch54:        tigervnc-correctly-handle-zrle-cursors.patch
 # Upstreamable patches
 Patch80:        tigervnc-dont-get-pointer-position-for-floating-device.patch
@ -42,7 +42,6 @@ Patch101:       0001-rpath-hack.patch
 # XServer patches
 BuildRequires:  make
 BuildRequires:  gcc-c++
 BuildRequires:  gettext
@ -78,13 +77,11 @@ BuildRequires:  libXinerama-devel
 BuildRequires:  libXt-devel
 BuildRequires:  libXtst-devel
 BuildRequires:  libdrm-devel
 BuildRequires:  mesa-libgbm-devel
 BuildRequires:  libtool
 BuildRequires:  libxkbfile-devel
 BuildRequires:  libxshmfence-devel
 BuildRequires:  mesa-libGL-devel
-BuildRequires:  pkgconfig(fontutil)
+BuildRequires:  xorg-x11-font-utils
 BuildRequires:  pkgconfig(xkbcomp)
 BuildRequires:  xorg-x11-server-devel
 BuildRequires:  xorg-x11-server-source
 BuildRequires:  xorg-x11-util-macros
@ -129,12 +126,10 @@ X session.
 %package server-minimal
 Summary:        A minimal installation of TigerVNC server
-Requires(post): systemd
+Requires(post): chkconfig
-Requires(preun): systemd
+Requires(preun):chkconfig
 Requires(postun): systemd
 Requires(post): systemd
-Requires:       mesa-dri-drivers, xkeyboard-config, xkbcomp
+Requires:       mesa-dri-drivers, xkeyboard-config, xorg-x11-xkb-utils
 Requires:       tigervnc-license, dbus-x11
 %description server-minimal
@ -191,21 +186,19 @@ pushd unix/xserver
 for all in `find . -type f -perm -001`; do
        chmod -x "$all"
 done
 # Xorg patches
 %patch -P100 -p1 -b .xserver120-rebased
 %patch -P101 -p1 -b .rpath
 popd
 # Tigervnc patches
 %patch -P1 -p1 -b .use-gnome-as-default-session
 %patch -P2 -p1 -b .vncsession-restore-script-systemd-service
 %patch -P3 -p1 -b .dont-install-appstream-metadata-file.patch
 # Upstream patches
-%patch -P50 -p1 -b .vncsession-use-bin-sh-when-shell-not-set
+%patch -P50 -p1 -b .support-username-alias-in-plainusers
-%patch -P51 -p1 -b .add-missing-coma-in-default-security-type-list
+%patch -P51 -p1 -b .use-dup-to-get-available-fd-for-inetd
-%patch -P52 -p1 -b .vncsession-move-existing-log-to-log-old-if-present
+%patch -P52 -p1 -b .add-option-to-force-view-only-remote-connections
-%patch -P53 -p1 -b .handle-existing-config-directory-in-vncpasswd
+%patch -P53 -p1 -b .tigervnc-vncsession-use-bin-sh-when-shell-not-set
 %patch -P54 -p1 -b .correctly-handle-zrle-cursors.patch
 # Upstreamable patches
 %patch -P80 -p1 -b .dont-get-pointer-position-for-floating-device
@ -216,22 +209,12 @@ export CFLAGS="$RPM_OPT_FLAGS -fPIC"
 %else
 export CFLAGS="$RPM_OPT_FLAGS -fpic"
 %endif
-export CXXFLAGS="$CFLAGS -std=c++11"
+export CXXFLAGS="$CFLAGS"
-%define __cmake_builddir %{_target_platform}
+%{cmake} .
-
+make %{?_smp_mflags}
 mkdir -p %{%__cmake_builddir}
 %cmake
 %cmake_build
 pushd unix/xserver
 %if 0%{?fedora} > 32 || 0%{?rhel} >= 9
 sed -i 's@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}@TIGERVNC_BUILDDIR=${TIGERVNC_SRCDIR}/%{_target_platform}@g' hw/vnc/Makefile.am
 %endif
 autoreconf -fiv
 %configure \
        --disable-xorg --disable-xnest --disable-xvfb --disable-dmx \
@ -241,10 +224,11 @@ autoreconf -fiv
        --with-fontdir=%{_datadir}/X11/fonts \
        --with-xkb-output=%{_localstatedir}/lib/xkb \
        --enable-install-libxf86config \
-        --enable-glx --disable-dri --enable-dri2 --enable-dri3 \
+        --enable-glx --disable-dri --enable-dri2 --disable-dri3 \
        --disable-unit-tests \
        --disable-config-hal \
        --disable-config-udev \
        --with-dri-driver-path=%{_libdir}/dri \
        --without-dtrace \
        --disable-devel-docs \
        --disable-selective-werror
@ -253,11 +237,7 @@ make %{?_smp_mflags}
 popd
 # Build icons
 %if 0%{?fedora} > 32 || 0%{?rhel} >= 9
 pushd %{_target_platform}/media
 %else
 pushd media
 %endif
 make
 popd
@ -266,19 +246,19 @@ pushd unix/vncserver/selinux
 make
 popd
 %install
-%cmake_install
+%make_install
 rm -f %{buildroot}%{_docdir}/%{name}-%{version}/{README.rst,LICENCE.TXT}
 pushd unix/xserver/hw/vnc
-%make_install
+make install DESTDIR=%{buildroot}
 popd
 # Install systemd unit file
 pushd unix/vncserver/selinux
 make install DESTDIR=%{buildroot}
 popd
 # Install systemd unit file
 install -m644 %{SOURCE1} %{buildroot}%{_unitdir}/xvnc@.service
 install -m644 %{SOURCE2} %{buildroot}%{_unitdir}/xvnc.socket
@ -292,21 +272,7 @@ install -m644 tigervnc_$s.png %{buildroot}%{_datadir}/icons/hicolor/${s}x$s/apps
 done
 popd
 appstream-util validate-relax --nonet %{buildroot}%{_metainfodir}/org.tigervnc.vncviewer.metainfo.xml
 desktop-file-validate %{buildroot}%{_datadir}/applications/vncviewer.desktop
 %if 0%{?rhel} > 9
 # Install a replacement for /usr/bin/vncserver which will tell the user to read the
 # HOWTO.md file
 cat <<EOF > %{buildroot}/%{_bindir}/vncserver
 #!/bin/bash
 echo "vncserver has been replaced by a systemd unit."
 echo "Please read /usr/share/doc/tigervnc/HOWTO.md for more information."
 EOF
 chmod +x %{buildroot}/%{_bindir}/vncserver
 %else
 install -m 755 %{SOURCE5} %{buildroot}/%{_bindir}/vncserver
 %endif
 %find_lang %{name} %{name}.lang
@ -317,14 +283,15 @@ mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/
 install -m 644 %{SOURCE3} %{buildroot}%{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
 %post server
-%systemd_post xvnc@.service
+%systemd_post xvnc.service
 %systemd_post xvnc.socket
 %preun server
 %systemd_preun xvnc.service
 %systemd_preun xvnc.socket
 %postun server
-%systemd_postun xvnc@.service
+%systemd_postun xvnc.service
 %systemd_postun xvnc.socket
 %pre selinux
@ -346,7 +313,6 @@ fi
 %{_bindir}/vncviewer
 %{_datadir}/applications/*
 %{_mandir}/man1/vncviewer.1*
 %{_datadir}/metainfo/org.tigervnc.vncviewer.metainfo.xml
 %files server
 %config(noreplace) %{_sysconfdir}/pam.d/tigervnc
@ -356,8 +322,8 @@ fi
 %{_unitdir}/vncserver@.service
 %{_unitdir}/xvnc@.service
 %{_unitdir}/xvnc.socket
 %{_bindir}/vncserver
 %{_bindir}/x0vncserver
 %{_bindir}/vncserver
 %{_sbindir}/vncsession
 %{_libexecdir}/vncserver
 %{_libexecdir}/vncsession-start
@ -377,7 +343,7 @@ fi
 %files server-module
 %{_libdir}/xorg/modules/extensions/libvnc.so
-%config(noreplace) %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
+%config %{_sysconfdir}/X11/xorg.conf.d/10-libvnc.conf
 %files license
 %{_docdir}/tigervnc/LICENCE.TXT
@ -390,288 +356,259 @@ fi
 %ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
 %changelog
-* Tue Jul 23 2024 Jan Grulich <jgrulich@redhat.com> - 1.14.0-2
+* Thu Oct 31 2024 Jan Grulich <jgrulich@redhat.com>
- 1.14.0
+- Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability
-  Resolves: RHEL-45316
+  Resolves: RHEL-61999
 - Move old log to log.old if present
  Resolves: RHEL-54294
 - Fix shared memory leak
  Resolves: RHEL-55768
-* Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-11
+* Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-13
 - vncsession: use /bin/sh if the user shell is not set
-  Resolves: RHEL-50679
+  Resolves: RHEL-52827
-* Tue May 28 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
+* Fri Jul 12 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-12
 - Fix FTBS: drop already applied Xorg patches
  Resolves: RHEL-46696
 * Tue May 28 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-11
 - vncconfig: add option to force view-only remote client connections
-  Resolves: RHEL-12144
+  Resolves: RHEL-11908
-* Tue Apr 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
+* Mon Apr 15 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10
 - Drop patches that are already part of xorg-x11-server
  Resolves: RHEL-30755
  Resolves: RHEL-30767
  Resolves: RHEL-30761
 * Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9
 - Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
-  Resolves: RHEL-30756
+  Resolves: RHEL-30755
 - Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
-  Resolves: RHEL-30768
+  Resolves: RHEL-30767
 - Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
-  Resolves: RHEL-30762
+  Resolves: RHEL-30761
 * Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8
 - Fix copy/paste error in the DeviceStateNotify
-  Resolves: RHEL-20533
+  Resolves: RHEL-20530
 * Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7
 - Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
-  Resolves: RHEL-20389
+  Resolves: RHEL-20388
 - Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
-  Resolves: RHEL-20383
+  Resolves: RHEL-20382
 - Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
-  Resolves: RHEL-20533
+  Resolves: RHEL-20530
 - Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
-  Resolves: RHEL-21213
+  Resolves: RHEL-21214
 * Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
 - Use dup() to get available file descriptor when using -inetd option
-  Resolves: RHEL-19858
+  Resolves: RHEL-21000
 * Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
 - Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
-  Resolves: RHEL-18414
+  Resolves: RHEL-18410
 - Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
-  Resolves: RHEL-18426
+  Resolves: RHEL-18422
 * Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4
 - Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
-  Resolves: RHEL-15237
+  Resolves: RHEL-15236
 - Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
-  Resolves: RHEL-15249
+  Resolves: RHEL-15230
 * Mon Oct 09 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-3
 - Support username alias in PlainUsers
-  Resolves: RHEL-8430
+  Resolves: RHEL-4258
 * Tue Apr 11 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-2
 - xorg-x11-server: X.Org Server Overlay Window Use-After-Free Local Privilege
  Escalation Vulnerability
-  Resolves: bz#2180310
+  Resolves: bz#2180306
 * Tue Mar 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-1
 - 1.13.1
-  Resolves: bz#2175732
+  Resolves: bz#2175748
 - Restore "--fallbacktofreeport" option in the vncserver script
  Resolves: bz#2174398
-* Tue Feb 21 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-12
+* Thu Dec 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
- SELinux: allow vncsession create .vnc directory
+- Bump build version to fix upgrade path
-  Resolves: bz#2164703
+  Resolves: bz#1437569
-* Wed Feb 15 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-11
+* Fri Nov 18 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
 - Add sanity check when cleaning up keymap changes
  Resolves: bz#2169965
 * Mon Feb 06 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-10
 - xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation
  Resolves: bz#2167061
 * Tue Dec 20 2022 Tomas Popela <tpopela@redhat.com> - 1.12.0-9
 - Rebuild for xorg-x11-server CVE-2022-46340 follow up fix
 * Fri Dec 16 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-8
 - Rebuild for xorg-x11-server CVEs
  Resolves: CVE-2022-4283 (bz#2154234)
  Resolves: CVE-2022-46340 (bz#2154221)
  Resolves: CVE-2022-46341 (bz#2154224)
  Resolves: CVE-2022-46342 (bz#2154226)
  Resolves: CVE-2022-46343 (bz#2154228)
  Resolves: CVE-2022-46344 (bz#2154230)
 * Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
 - x0vncserver: add new keysym in case we don't find matching keycode
-  + actually apply the patch
+  Resolves: bz#1437569
  Resolves: bz#2119017
-* Thu Dec 01 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
+* Wed Aug 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-7
 - x0vncserver: add new keysym in case we don't find matching keycode
  Resolves: bz#2119017
 * Mon Oct 24 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
 - x0vncserver: fix ghost cursor in zaphod mode (better version)
-  Resolves: bz#2119016
+  Resolves: bz#2109679
-* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
+* Wed Aug 17 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-6
- Add BR: libXdamage, libXfixes, libXrandr
+- x0vncserver: fix ghost cursor in zaphod mode
-  Resolves: bz#2091833
+  Resolves: bz#2109679
-* Tue Apr 05 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
+* Tue May 31 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-5
- Do not run systemd_preun on Xvnc service file
+- BR: libXdamage, libXfixes, libXrandr
-  Resolves: bz#2048011
+  Resolves: bz#2088733
-* Mon Apr 04 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
+* Tue Feb 08 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-4
 - Drop unexisting option from the old vncserver script
  Resolves: bz#2021893
 * Wed Mar 23 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
 - 1.12.0 + sync with Fedora
  Resolves: bz#2048011
  Resolves: bz#2021893
 * Mon Feb 07 2022 Jan Grulich <jgrulich@redhat.com> - 1.11.0-21
 - Added vncsession-restore script for SELinux policy migration
  Fix SELinux context for root user
-  Resolves: bz#2049506
+  Resolves: bz#2021892
-* Fri Nov 26 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-20
+* Fri Jan 21 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-3
- Rebuild for absence in RHEL 9.0
+- Fix crash in vncviewer
-  Resolves: bz#1985858
+  Resolves: bz#2021892
-* Mon Aug 16 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-19
+* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-2
- Sync upstream patches + drop unused patches
+- Remove unavailable option from vncserver script
-  Resolves: bz#1985858
+  Resolves: bz#2021892
-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-18
+* Fri Jan 14 2022 Jan Grulich <jgrulich@redhat.com> - 1.12.0-1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- 1.12.0
-  Related: rhbz#1991688
+  Resolves: bz#2021892
-* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-17
+* Mon Jul 19 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
 - Fix logout from VNC session using vncserver
-  Resolves: bz#1983704
+  Resolves: bz#1983706
-* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-16
+* Tue Jun 01 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
- Bump version for rebuild (binutils)
+- Run all SELinux RPM macros on correct package
-  Resolves: bz#1961488
+  Resolves: bz#1907963
-* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-14
+* Mon May 17 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-7
 - SELinux improvements
-  Resolves: bz#1961488
+  Resolves: bz#1907963
- Fix endianness issue on s390x
+* Tue Dec 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
-  Resolves: bz#1963029
+- Use GNOME as default session
  Resolves: bz#1853608
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.11.0-13
+* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+- Make sure we log properly output to journal (actually log to syslog)
  Resolves: bz#1841537
-* Mon Mar 08 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-12
+* Thu Dec 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
- Include RHEL8 patches
+- Make sure we log properly output to journal
  Resolves: bz#1841537
-* Fri Mar 05 2021 Jan Grulich <jgrulich@redhat.com> - 1.11.0-11
+* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
- Enable old vncserver script for RHEL 9
+- vncserver: ignore new "session" parameter from the new systemd support
  Resolves: bz#1897504
-* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.11.0-10
+* Wed Nov 18 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+- Revert removal of vncserver
  Resolves: bz#1897504
 - Correctly start vncsession as a daemon
  Resolves: bz#1897498
-* Thu Dec 10 07:45:46 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-9
+* Tue Oct 20 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
- vncserver: ignore new session parameter from the new systemd support
+- Update to 1.11.0
  Resolves: bz#1880985
 - Backport fix to allow Tigervnc use boolean values in config files
  Resolves: bz#1883415
-* Fri Nov 13 14:08:29 CET 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-8
+* Wed Sep 30 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-8
- Use /run instead of /var/run which is just a symlink
+- Tolerate specifying -BoolParam 0 and similar
  Resolves: bz#1883415
-* Thu Nov 05 2020 Peter Hutterer <peter.hutterer@redhat.com> 1.11.0-7
+* Wed Jul 08 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-7
- Require xkbcomp directly, not xorg-x11-xkb-utils. The latter has had
+- Enable server module on s390x
-  Provides xkbcomp for years.
+  Resolves: bz#1854925
-* Tue Sep 29 13:12:22 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-6
+* Fri Jul 03 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-6
- Backport upstream fix allowing Tigervnc to specify boolean valus in configuration
+- Remove trailing spaces in user name
- Revert removal of vncserver for F32 and F33
+  Resolves: bz#1852432
-* Thu Sep 24 07:14:06 CEST 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-5
+* Thu Jun 25 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
- Actually install the HOWTO.md file
+- Install the HOWTO file to correct location
 * Wed Sep 23 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-4
 - Call systemd macros on correct service file
 * Tue Sep 22 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-3
 - Do not overwrite libvnc.conf config file
 * Thu Sep 17 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-2
 - Add /usr/bin/vncserver file informing users to read the HOWTO.md file
  Resolves: bz#1790443
-* Wed Sep 09 2020 Jan Grulich <jgrulich@redhat.com> - 1.11.0-1
+* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-4
- 1.11.0
+- Improve SELinux policy
  Resolves: bz#1790443
-* Mon Aug 24 2020 Jan Grulich <jgrulich@redhat.com. - 1.10.90-1
+* Mon Jun 15 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-3
- Update to 1.10.90 (1.11.0 beta)
+- Add a HOWTO.md file with instructions how to start VNC server
  Resolves: bz#1790443
-* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-9
+* Tue May 26 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
- Second attempt - Rebuilt for
+- Make the systemd service run also for root user
-  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+  Resolves: bz#1790443
-* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-8
+* Mon Apr 27 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 1.10.1-7
 - Use make macros
 - https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 * Sat Jul 11 2020 Jiri Vanek <jvanek@redhat.com> - 1.10.1-6
 - Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11
 * Sun Apr 19 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-5
 - Requires: dbus-x11
  Resolves: bz#1825331
 * Fri Mar 13 2020 Olivier Fourdan <ofourdan@redhat.com> - 1.10.1-4
 - Fix build with xserver 1.20.7
 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.10.1-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Mon Jan 13 2020 Jan Grulich <jgrulich@redhat.com> - 1.10.1-2
 - Build with -std=c++11
 * Fri Dec 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.1-1
 - Update to 1.10.1
  Resolves: bz#1806992
-* Tue Dec 10 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-2
+- Add proper systemd support
- Properly install systemd files
+  Resolves: bz#1790443
-* Mon Nov 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.10.0-1
+* Tue Jan 28 2020 Jan Grulich <jgrulich@redhat.com> - 1.9.0-13
- Update to 1.10.0
+- Bump build because of z-stream
  Resolves: bz#1671714
-* Fri Oct 18 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.90-1
+* Wed Dec 11 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-12
- Update to 1.9.90 (1.10 beta)
+- Fix installation of systemd files
- Add systemd user service file
+  Resolves: bz#1671714
 - Use a wrapper for systemd system service file to workaround systemd limitations
-* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-7
+* Wed Nov 20 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+- Use wrapper script to workaround systemd issues
  Resolves: bz#1671714
-* Fri Jul 19 2019 Dan Horák <dan[at]danny.cz> - 1.9.0-6
+* Fri Jul 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-10
- drop the s390x special handling (related #1727029)
+- Do not return returncode indicating error when running "vncserver -list"
  Resolves: bz#1727860
-* Wed Jun 12 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
+* Fri Feb 08 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-9
- Add missing arguments to systemd_postun scriptlets
+- Make tigervnc systemd service a user service
-  Resolves: bz#1716411
+  Resolves: bz#1639846
-* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.9.0-4
+* Mon Jan 21 2019 Jan Grulich <jgrulich@redhat.com> - 1.9.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+- Kill the session automatically only when Gnome is installed
  Resolves: bz#1665876
-* Tue Sep 25 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
+* Tue Nov 20 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-7
 - Improve coverity scan fixes
  Resolves: bz#1602714
  Inform whether view-only password is used or not
  Resolves: bz#1639169
  Backport fixes from RHEL 7
  Resolves: bz#1651254
 * Tue Oct 09 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-6
 - Do not crash passwd when using malloc perturb checks
-  Resolves: bz#1631483
+  Resolves: bz#1637086
 * Mon Oct 08 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-5
 - Improve coverity scan fixes
  Resolves: bz#1602714
 * Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-4
 - Improve coverity scan fixes
  Resolves: bz#1602714
 * Wed Oct 03 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-3
 - Fix some coverity scan issues
  Resolves: bz#1602714
 * Wed Aug 01 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-2
- Ignore buttons in mouse leave events
+- Remove dependency on initscripts
  Resolves: bz#1609516
 * Tue Jul 17 2018 Jan Grulich <jgrulich@redhat.com> - 1.9.0-1
- Update to 1.9.0
+- Update to 1.9.0 + sync with Fedora
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.90-3
+* Tue Jun 12 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+- Fix GLX initialization with Xorg 1.20
-* Wed Jul  4 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.8.90-2
+* Tue May 29 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-9
- Clean up spec: use macros consistenly, drop old sys-v migrations
+- Build against Xorg 1.20
 - Drop ancient obsolete/provides
-* Thu Jun 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.90-1
+* Mon May 14 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-8
- Update to 1.8.90
+- Drop BR: ImageMagick
 * Wed Jun 13 2018 Jan Grulich <jgrulich@redhat.com> - 1.8.0-10
 - Fix tigervnc systemd unit file
  Resolves: bz#1583159
 * Wed Jun 06 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-9
 - Fix GLX initialization with 1.20
 * Wed Apr 04 2018 Adam Jackson <ajax@redhat.com> - 1.8.0-8
 - Rebuild for xserver 1.20
 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
`@ -1 +1 @@`
	`SOURCES/tigervnc-1.14.0.tar.gz`	`SOURCES/tigervnc-1.13.1.tar.gz`
`@ -1 +1 @@`
	`9e67944113159da85f42c24b43f40b842f23feb3 SOURCES/tigervnc-1.14.0.tar.gz`	`6f7a23f14833f552c88523da1a5e102f3b8d35c2 SOURCES/tigervnc-1.13.1.tar.gz`