-
gtk-vnc (0.5.3-0ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: insufficient bounds checking
- debian/patches/CVE-2017-5884.patch: add checks to
src/vncconnection.c.
- CVE-2017-5884
* SECURITY UPDATE: integer overflow when processing SetColorMapEntries
- debian/patches/CVE-2017-5885-1.patch: don't accept color map entries
for true-color pixel format in src/vncconnection.c.
- debian/patches/CVE-2017-5885-2.patch: correctly validate color map
range indexes in src/vnccolormap.c, src/vncconnection.c.
- CVE-2017-5885
-- Marc Deslauriers <email address hidden> Fri, 17 Feb 2017 12:59:36 -0500
-
gtk-vnc (0.5.3-0ubuntu2) trusty; urgency=medium
* Build using dh-autoreconf.
-- Matthias Klose <email address hidden> Sun, 22 Dec 2013 14:01:58 +0100
-
gtk-vnc (0.5.3-0ubuntu1) trusty; urgency=medium
* New upstream release:
- Support QEMU LED state extension
- Time out connection attempt after 10 seconds
- Abort if out of memory when mmap'ing coroutine stack
- Stop leaking coroutine stack memory
- Improve perfornmance of ZRLE encoding by avoiding memmove
- Only trigger keyboard grab sequence upon key release to
allow modifiers to go to the remote server
- Avoid busy loop upon I/O error which follows blocking I/O,
commonly seen when a server drops the connection
- Fix handling of --no-undefined flag
- Don't break implicit pointer grab from mouse clicks
- Don't drop mouse events that are out of bounds, clamp their
coordinates instead
- Show how to block all accelerators in gvncviewer demo program
* debian/control:
- Use standards-version 3.9.4
* debian/libgvnc-1.0-0.symbols:
- Updated
-- Robert Ancell <email address hidden> Mon, 16 Dec 2013 11:39:33 +1300
-
gtk-vnc (0.5.2-1ubuntu2) saucy; urgency=low
* debian/control:
- Build with valac instead of valac-0.18 for easier transitions
-- Jeremy Bicha <email address hidden> Thu, 30 May 2013 22:01:33 -0400