[ol9_appstream] tigervnc-selinux-1.14.1-1.el9_5.1.noarch

Name:	tigervnc-selinux
Version:	1.14.1
Release:	1.el9_5.1
Architecture:	noarch
Group:	Unspecified
Size:	15187
License:	GPL-2.0-or-later
RPM:	tigervnc-selinux-1.14.1-1.el9_5.1.noarch.rpm
Source RPM:	tigervnc-1.14.1-1.el9_5.1.src.rpm
Build Date:	Mon Mar 10 2025
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.tigervnc.com
Summary:	SELinux module for TigerVNC
Description:	This package provides the SELinux policy module to ensure TigerVNC runs properly under an environment with SELinux enabled.

Changelog (Show File list) (Show related packages)

Wed Feb 26 2025 Jan Grulich <jgrulich@redhat.com> - 1.14.1-1.1

- Fix CVE-2025-26594 xorg-x11-server Use-after-free of the root cursor
  Resolves: RHEL-79406
- Fix CVE-2025-26595 xorg-x11-server Buffer overflow in XkbVModMaskText()
  Resolves: RHEL-80018
- Fix CVE-2025-26596 xorg-x11-server Heap overflow in XkbWriteKeySyms()
  Resolves: RHEL-79391
- Fix CVE-2025-26597 xorg-x11-server Buffer overflow in XkbChangeTypesOfKey()
  Resolves: RHEL-80029
- Fix CVE-2025-26598 xorg-x11-server Out-of-bounds write in CreatePointerBarrierClient()
  Resolves: RHEL-79374
- Fix CVE-2025-26599 xorg-x11-server Use of uninitialized pointer in compRedirectWindow()
  Resolves: RHEL-80043
- Fix CVE-2025-26600 xorg-x11-server Use-after-free in PlayReleasedEvents()
  Resolves: RHEL-80037
- Fix CVE-2025-26601 xorg-x11-server Use-after-free in SyncInitTrigger()
  Resolves: RHEL-79353

Fri Nov 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.14.1-1

- 1.14.1
  Resolves: RHEL-66600
- Fix CVE-2024-9632: xorg-x11-server: heap-based buffer overflow privilege escalation vulnerability
  Resolves: RHEL-62000

Mon Aug 05 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-11

- vncsession: use /bin/sh if the user shell is not set
  Resolves: RHEL-50679

Tue May 28 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-10

- vncconfig: add option to force view-only remote client connections
  Resolves: RHEL-12144

Tue Apr 16 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-9

- Fix CVE-2024-31080 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
  Resolves: RHEL-30756
- Fix CVE-2024-31083 tigervnc: xorg-x11-server: User-after-free in ProcRenderAddGlyphs
  Resolves: RHEL-30768
- Fix CVE-2024-31081 tigervnc: xorg-x11-server: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
  Resolves: RHEL-30762

Wed Feb 07 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-8

- Fix copy/paste error in the DeviceStateNotify
  Resolves: RHEL-20533

Mon Jan 22 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-7

- Fix CVE-2024-21886 tigervnc: xorg-x11-server: heap buffer overflow in DisableDevice
  Resolves: RHEL-20389
- Fix CVE-2024-21885 tigervnc: xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent
  Resolves: RHEL-20383
- Fix CVE-2024-0229 tigervnc: xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
  Resolves: RHEL-20533
- Fix CVE-2023-6816 tigervnc: xorg-x11-server: Heap buffer overflow in DeviceFocusEvent and ProcXIQueryPointer
  Resolves: RHEL-21213

Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6

- Use dup() to get available file descriptor when using -inetd option
  Resolves: RHEL-19858

Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5

- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
  Resolves: RHEL-18414
- Fix CVE-2023-6478 tigervnc: xorg-x11-server: out-of-bounds memory read in RRChangeOutputProperty and RRChangeProviderProperty
  Resolves: RHEL-18426

Wed Nov 01 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-4

- Fix CVE-2023-5380 tigervnc: xorg-x11-server: Use-after-free bug in DestroyWindow
  Resolves: RHEL-15237

- Fix CVE-2023-5367 tigervnc: xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
  Resolves: RHEL-15249