[ol7_latest] tigervnc-server-1.8.0-33.0.3.el7_9.x86_64

Name:	tigervnc-server
Version:	1.8.0
Release:	33.0.3.el7_9
Architecture:	x86_64
Group:	User Interface/X
Size:	509726
License:	GPLv2+
RPM:	tigervnc-server-1.8.0-33.0.3.el7_9.x86_64.rpm
Source RPM:	tigervnc-1.8.0-33.0.3.el7_9.src.rpm
Build Date:	Tue Dec 03 2024
Build Host:	build-ol7-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.tigervnc.com
Summary:	A TigerVNC server
Description:	The VNC system allows you to access the same desktop from a wide variety of platforms. This package includes set of utilities which make usage of TigerVNC server more user friendly. It also contains x0vncserver program which can export your active X session.

Changelog (Show File list) (Show related packages)

Fri Nov 22 2024 Kaylin Devchand <kaylin.devchand@oracle.com> - 1.8.0-33.0.3

- xorg-x11-server: xkb: Fix buffer overflow in _XkbSetCompatMap() [CVE-2024-9632][Orabug: 37295822]

Mon Apr 29 2024 Codrin Pruteanu <codrin.pruteanu@oracle.com> - 1.8.0-33.0.1

- Dropped xorg-CVE-2023-5367.patch, xorg-CVE-2023-6816.patch, xorg-CVE-2023-6377.patch, xorg-CVE-2023-6478.patch,
  xorg-CVE-2024-0229-1.patch, xorg-CVE-2024-0229-2.patch, xorg-CVE-2024-0229-3.patch, xorg-CVE-2024-21885.patch,
  xorg-CVE-2024-21886-1.patch, xorg-CVE-2024-21886-2.patch, xorg-dix-fix-use-after-free-in-input-device-shutdown.patch,
  xorg-CVE-2024-31080.patch, xorg-CVE-2024-31081.patch, xorg-CVE-2024-31082.patch, xorg-CVE-2024-31083.patch,
  xorg-CVE-2024-31083-followup.patch

Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.8.0-33

- Fix crash caused by fix for CVE-2024-31083
  Resolves: RHEL-30976

Thu Apr 04 2024 Jan Grulich <jgrulich@redhat.com> - 1.8.0-32

- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
  Resolves: RHEL-31006
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
  Resolves: RHEL-30976
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
  Resolves: RHEL-30993

Thu Jan 25 2024 Jan Grulich <jgrulich@redhat.com> - 1.8.0-31

- Fix use after free related to CVE-2024-21886
  Resolves: RHEL-20436
- Fix copy/paste error in the DeviceStateNotify
  Resolves: RHEL-20587

Fri Jan 19 2024 Jan Grulich <jgrulich@redhat.com> - 1.8.0-30

- Don't try to get pointer position when the pointer becomes a floating device
  Resolves: RHEL-20436

Fri Jan 12 2024 Jan Grulich <jgrulich@redhat.com> - 1.8.0-29

- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
  Resolves: RHEL-20436
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
  Resolves: RHEL-20427
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
  Resolves: RHEL-20587
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
  Resolves: RHEL-21212

Wed Dec 13 2023 Jan Grulich <jgrulich@redhat.com> - 1.8.0-28

- Updated fix for CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
  Resolves: RHEL-18415

Fri Dec 08 2023 Jan Grulich <jgrulich@redhat.com> - 1.8.0-27

- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
  Resolves: RHEL-18415
- CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
  Resolves: RHEL-18427

Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.8.0-26

- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
  Resolves: RHEL-15235
- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
  Resolves: RHEL-15223