tigervnc/tigervnc-delete-underlying-ssecurity.patch

From 8f3e8663b3cf57c0b62d939d6953fbfcc112aadd Mon Sep 17 00:00:00 2001
From: Michal Srb <michalsrb@gmail.com>
Date: Wed, 29 Mar 2017 16:23:18 +0300
Subject: Delete underlying ssecurity in SSecurityVeNCrypt.

Otherwise it gets leaked which would allow even not authenticated clients to exhaust server memory.

diff --git a/common/rfb/SSecurityVeNCrypt.cxx b/common/rfb/SSecurityVeNCrypt.cxx
index 7c13749..ce6c71b 100644
--- a/common/rfb/SSecurityVeNCrypt.cxx
+++ b/common/rfb/SSecurityVeNCrypt.cxx
@@ -55,6 +55,8 @@ SSecurityVeNCrypt::SSecurityVeNCrypt(SecurityServer *sec) : security(sec)
 
 SSecurityVeNCrypt::~SSecurityVeNCrypt()
 {
+  delete ssecurity;
+
   if (subTypes) {
     delete [] subTypes;
     subTypes = NULL;