libvncserver (0.9.14+dfsg-1) unstable; urgency=medium * New upstream release. * debian/control: + Bump Standards-Version: to 4.6.2. No changes needed. * debian/patches: + Drop all patches. All included in this upstream release. * debian/libvncserver-dev.install: + Add CMake module for LibVNCServer. * debian/*.symbols: + Update symbols for 0.9.14. * debian/{rules,source/lintian-overrides}: + Drop finished dbgsym-migration specific rules. * debian/copyright: + Update copyright attributions. -- Mike Gabriel <sunweaver@debian.org> Mon, 06 Feb 2023 17:38:46 +0100 libvncserver (0.9.13+dfsg-5) unstable; urgency=medium [ Thosten Alteholz ] * debian/patches: + CVE-2020-29260: Add CVE-2020-29260.patch. Resolve memory leak in function rfbClientCleanup(). (Closes: #1019228). [ Mike Gabriel ] * debian/watch: + Use tags-path on Github, not releases-path. -- Mike Gabriel <sunweaver@debian.org> Sun, 20 Nov 2022 13:10:45 +0100 libvncserver (0.9.13+dfsg-4) unstable; urgency=medium * debian/patches: + Trivially rebase patches 0001 and 0002. + Add 0003-rfb-increase-update-buf-size.patch. Allow larger screen sizes. (Closes: #1010449). * debian/control: + Bump Standards-Version: to 4.6.1. No changes needed. -- Mike Gabriel <sunweaver@debian.org> Fri, 03 Jun 2022 09:47:24 +0200 libvncserver (0.9.13+dfsg-3) unstable; urgency=medium * debian/watch: + Fix Github watch URL. -- Mike Gabriel <sunweaver@debian.org> Thu, 29 Apr 2021 14:22:25 +0200 libvncserver (0.9.13+dfsg-2) unstable; urgency=medium [ Marco Trevisan (TreviƱo) ] * debian/patches: + Fix crashes when using desktop sharing with gnome-remote-desktop (LP: #1915410; closes: #982940). [ Mike Gabriel ] * debian/patches/series: + White-space cleanup. * debian/control: + Bump Standards-Version: to 4.5.1. No changes needed. * debian/watch: + Switch to format version 4. * debian/copyright: + Amend attributions. The files common/md5.* don't exist anymore. -- Mike Gabriel <sunweaver@debian.org> Sun, 28 Feb 2021 15:37:06 +0100 libvncserver (0.9.13+dfsg-1) unstable; urgency=medium * New upstream release: - CVE-2018-21247: When connecting to a repeater, only send initialised string - CVE-2019-20839: libvncclient: bail out if unix socket name would overflow - CVE-2019-20840: fix crash because of unaligned accesses in hybiReadAndDecode() - CVE-2020-14396: libvncclient/tls_openssl: do not deref a NULL pointer - CVE-2020-14397: libvncserver: add missing NULL pointer checks - CVE-2020-14398: libvncclient: handle half-open TCP connections - CVE-2020-14399: libvncclient: fix pointer aliasing/alignment issue - CVE-2020-14400: libvncserver: fix pointer aliasing/alignment issue - CVE-2020-14401: libvncserver: scale: cast to 64 bit before shifting - CVE-2020-14402: libvncserver: encodings: prevent OOB accesses - CVE-2020-14403: encodings: prevent OOB accesses - CVE-2020-14404: libvncserver: encodings: prevent OOB accesses - CVE-2020-14405: libvncclient/rfbproto: limit max textchat size * debian/patches: + Drop all patches. All applied upstream. + Add README file explaining on our patch naming scheme. * debian/*.symbols: + Update symbols. * debian/control: + Bump DH compat level to version 13. -- Mike Gabriel <sunweaver@debian.org> Mon, 29 Jun 2020 14:44:43 +0200 libvncserver (0.9.12+dfsg-9) unstable; urgency=medium * Bump Standards-Version: to 4.5.0. No changes needed. * debian/patches: + Add CVE-2019-15690/0001-heap-buffer-overflow.patch. (Closes: #954163). -- Antoni Villalonga <antoni@friki.cat> Sat, 21 Mar 2020 12:51:24 +0100 libvncserver (0.9.12+dfsg-8) unstable; urgency=medium * debian/changelog: + Typo fix in previous upload stanza. * debian/patches: + Add 0005_LibVNCCient-fix-regression-in-tight-raw-decoding.patch. LibVNCClient: Fix regression in Tight/Raw decoding. (Closes: #950330). -- Mike Gabriel <sunweaver@debian.org> Sat, 01 Feb 2020 23:05:21 +0100 libvncserver (0.9.12+dfsg-7) unstable; urgency=medium * debian/patches: + Add 0003_rfbserver-dont-close-fd-0-accidentally.patch and 0004_avoid-pthread-join-if-backgroundLoop-is-FALSE.patch. Follow-up fixes for concurrency issue during client closure between client and clientOutput thread. (See #905786). -- Mike Gabriel <sunweaver@debian.org> Wed, 08 Jan 2020 10:36:05 +0100 libvncserver (0.9.12+dfsg-6) unstable; urgency=medium [ Sebastien Bacher ] * debian/tests: + Use the correct compiler for proposed autopkgtest cross-testing support. (Closes: #946615). [ Mike Gabriel ] * debian/patches: + Add 0002_fix-crash-because-of-unaligned-accesses-in-hybiReadAndDecode.patch. Fix FTBFS on sparc64 architecture. (Closes: #947808). -- Mike Gabriel <sunweaver@debian.org> Thu, 02 Jan 2020 15:04:42 +0100 libvncserver (0.9.12+dfsg-5) unstable; urgency=medium [ Mike Gabriel ] * debian/control: + Add Ds (libvncserver-dev): libgcrypt20-dev, liblzo2-dev and libsasl2-dev. (As found under B-D). (Closes: #946865). * debian/tests/control: + White-space cleanup. [ Antoni Villalonga ] * Add debian/.gitlab.yml salsa tests. [ Sebastien Bacher ] * debian/control: + Use the correct team name in the Vcs references -- Mike Gabriel <sunweaver@debian.org> Wed, 18 Dec 2019 09:51:48 +0100 libvncserver (0.9.12+dfsg-4) unstable; urgency=medium [ Antoni Villalonga ] * debian/control: + Remove obsolete D (libvncserver-dev): libvncserver-config. (Closes: #946598). -- Mike Gabriel <sunweaver@debian.org> Wed, 11 Dec 2019 21:58:16 +0100 libvncserver (0.9.12+dfsg-3) unstable; urgency=medium * Re-upload to unstable as-is. -- Mike Gabriel <sunweaver@debian.org> Wed, 11 Dec 2019 08:02:19 +0100 libvncserver (0.9.12+dfsg-2) experimental; urgency=medium * debian/changelog: + Weave-in NMU changelog stanzas from previous security uploads (0.9.11+dfsg-1.1 through to 0.9.11+dfsg-1.3). * debian/patches: + Use subdirs for CVE issues. + Re-add erroneously removed patch/fix for CVE-2018-20750. + Rebase patch/fix for CVE-2019-15681. -- Mike Gabriel <sunweaver@debian.org> Fri, 29 Nov 2019 09:50:45 +0100 libvncserver (0.9.12+dfsg-1) experimental; urgency=medium * New upstream release to experimental. (Closes: #918777). * debian/{control,compat}: + Switch to debhelper-compat notation. Bump DH compat level to version 12. * debian/control: + Bump Standards-Version: to 4.4.1. No changes needed. + Add Rules-Requires-Root: field and set it to "no". + Move package maintenance to Debian Remote Maintainers team, after personal communication with Peter Spiess-Knafl. Thanks for all previous contributions. Also, make myself uploader. + Update Vcs-*: fields. Packaging VCS has been moved over to salsa.debian.org. + Update B-Ds; Use cmake for building this package from now on. Autotools support has been dropped by upstream. + Add B-D: liblzo2-dev. Avoid building embedded miniLZO implementation. + Add B-D: libsasl2-dev. * debian/patches: + Drop all previous added CVE security fixes. All applied upstream. + Drop 0001-ignore_webclients.patch. No automake support available in upstream sources anymore. + Drop remove-libpng.patch. Not required anymore since cmake build switch. + Add 0001_cmake-multiarch-support.patch. Fix install_targets, so that they install to multi-arch libdir. + CVE-2019-15681: Add CVE-2019-15681.patch. rfbserver: don't leak stack memory to the remote. (Closes: #943793). * debian/rules: + Add get-orig-source target for maintainers' convenience. + Fully switch to cmake based build. Make sure WITH_PNG gets disabled. + Enable all hardening flags. * debian/{control,libvncserver-config.*}: + Drop bin:pkg libvncserver-config. Replace by pkgconfig .pc files. * debian/libvnc*.symbols: + Update symbols files. + Add *Build-Depends-Package: meta-data fields. * debian/libvncserver-dev.install: + Drop *.a files. No built by cmake based build implementation anymore. * debian/{control,rules}: + Drop dbg:pkgs, start a very late dbgsym migration. * debian/source/lintian-overrides: + Override debug-symbol-migration-possibly-complete. It will be in bullseye+1. * debian/copyright: + Use secure URL in Format: field. * debian/libvncserver-dev.examples: + Install examples/ folder into dev:pkg. * debian/{changelog,control,copyright}: + Strip white-spaces off at EOLs. * debian/tests/smoketest-libvnc*: + Stop using $ADDTMP, replace by $AUTOPKGTEST_TMP. * debian/upstream/metadata: + Add DEP-12 compliant metadata file -- Mike Gabriel <sunweaver@debian.org> Thu, 28 Nov 2019 23:43:20 +0100 # Older entries have been removed from this changelog. # To read the complete changelog use `apt changelog libvncserver1`.
Generated by dwww version 1.15 on Sun May 19 04:51:47 CEST 2024.