libvncserver (0.9.14+dfsg-1) unstable; urgency=medium
* New upstream release.
* debian/control:
+ Bump Standards-Version: to 4.6.2. No changes needed.
* debian/patches:
+ Drop all patches. All included in this upstream release.
* debian/libvncserver-dev.install:
+ Add CMake module for LibVNCServer.
* debian/*.symbols:
+ Update symbols for 0.9.14.
* debian/{rules,source/lintian-overrides}:
+ Drop finished dbgsym-migration specific rules.
* debian/copyright:
+ Update copyright attributions.
-- Mike Gabriel <sunweaver@debian.org> Mon, 06 Feb 2023 17:38:46 +0100
libvncserver (0.9.13+dfsg-5) unstable; urgency=medium
[ Thosten Alteholz ]
* debian/patches:
+ CVE-2020-29260: Add CVE-2020-29260.patch. Resolve memory leak in
function rfbClientCleanup(). (Closes: #1019228).
[ Mike Gabriel ]
* debian/watch:
+ Use tags-path on Github, not releases-path.
-- Mike Gabriel <sunweaver@debian.org> Sun, 20 Nov 2022 13:10:45 +0100
libvncserver (0.9.13+dfsg-4) unstable; urgency=medium
* debian/patches:
+ Trivially rebase patches 0001 and 0002.
+ Add 0003-rfb-increase-update-buf-size.patch. Allow larger screen sizes.
(Closes: #1010449).
* debian/control:
+ Bump Standards-Version: to 4.6.1. No changes needed.
-- Mike Gabriel <sunweaver@debian.org> Fri, 03 Jun 2022 09:47:24 +0200
libvncserver (0.9.13+dfsg-3) unstable; urgency=medium
* debian/watch:
+ Fix Github watch URL.
-- Mike Gabriel <sunweaver@debian.org> Thu, 29 Apr 2021 14:22:25 +0200
libvncserver (0.9.13+dfsg-2) unstable; urgency=medium
[ Marco Trevisan (TreviƱo) ]
* debian/patches:
+ Fix crashes when using desktop sharing with gnome-remote-desktop
(LP: #1915410; closes: #982940).
[ Mike Gabriel ]
* debian/patches/series:
+ White-space cleanup.
* debian/control:
+ Bump Standards-Version: to 4.5.1. No changes needed.
* debian/watch:
+ Switch to format version 4.
* debian/copyright:
+ Amend attributions. The files common/md5.* don't exist anymore.
-- Mike Gabriel <sunweaver@debian.org> Sun, 28 Feb 2021 15:37:06 +0100
libvncserver (0.9.13+dfsg-1) unstable; urgency=medium
* New upstream release:
- CVE-2018-21247: When connecting to a repeater, only send initialised
string
- CVE-2019-20839: libvncclient: bail out if unix socket name would overflow
- CVE-2019-20840: fix crash because of unaligned accesses in
hybiReadAndDecode()
- CVE-2020-14396: libvncclient/tls_openssl: do not deref a NULL pointer
- CVE-2020-14397: libvncserver: add missing NULL pointer checks
- CVE-2020-14398: libvncclient: handle half-open TCP connections
- CVE-2020-14399: libvncclient: fix pointer aliasing/alignment issue
- CVE-2020-14400: libvncserver: fix pointer aliasing/alignment issue
- CVE-2020-14401: libvncserver: scale: cast to 64 bit before shifting
- CVE-2020-14402: libvncserver: encodings: prevent OOB accesses
- CVE-2020-14403: encodings: prevent OOB accesses
- CVE-2020-14404: libvncserver: encodings: prevent OOB accesses
- CVE-2020-14405: libvncclient/rfbproto: limit max textchat size
* debian/patches:
+ Drop all patches. All applied upstream.
+ Add README file explaining on our patch naming scheme.
* debian/*.symbols:
+ Update symbols.
* debian/control:
+ Bump DH compat level to version 13.
-- Mike Gabriel <sunweaver@debian.org> Mon, 29 Jun 2020 14:44:43 +0200
libvncserver (0.9.12+dfsg-9) unstable; urgency=medium
* Bump Standards-Version: to 4.5.0. No changes needed.
* debian/patches:
+ Add CVE-2019-15690/0001-heap-buffer-overflow.patch. (Closes: #954163).
-- Antoni Villalonga <antoni@friki.cat> Sat, 21 Mar 2020 12:51:24 +0100
libvncserver (0.9.12+dfsg-8) unstable; urgency=medium
* debian/changelog:
+ Typo fix in previous upload stanza.
* debian/patches:
+ Add 0005_LibVNCCient-fix-regression-in-tight-raw-decoding.patch.
LibVNCClient: Fix regression in Tight/Raw decoding. (Closes: #950330).
-- Mike Gabriel <sunweaver@debian.org> Sat, 01 Feb 2020 23:05:21 +0100
libvncserver (0.9.12+dfsg-7) unstable; urgency=medium
* debian/patches:
+ Add 0003_rfbserver-dont-close-fd-0-accidentally.patch and
0004_avoid-pthread-join-if-backgroundLoop-is-FALSE.patch. Follow-up fixes
for concurrency issue during client closure between client and
clientOutput thread. (See #905786).
-- Mike Gabriel <sunweaver@debian.org> Wed, 08 Jan 2020 10:36:05 +0100
libvncserver (0.9.12+dfsg-6) unstable; urgency=medium
[ Sebastien Bacher ]
* debian/tests:
+ Use the correct compiler for proposed autopkgtest cross-testing support.
(Closes: #946615).
[ Mike Gabriel ]
* debian/patches:
+ Add 0002_fix-crash-because-of-unaligned-accesses-in-hybiReadAndDecode.patch.
Fix FTBFS on sparc64 architecture. (Closes: #947808).
-- Mike Gabriel <sunweaver@debian.org> Thu, 02 Jan 2020 15:04:42 +0100
libvncserver (0.9.12+dfsg-5) unstable; urgency=medium
[ Mike Gabriel ]
* debian/control:
+ Add Ds (libvncserver-dev): libgcrypt20-dev, liblzo2-dev and libsasl2-dev.
(As found under B-D). (Closes: #946865).
* debian/tests/control:
+ White-space cleanup.
[ Antoni Villalonga ]
* Add debian/.gitlab.yml salsa tests.
[ Sebastien Bacher ]
* debian/control:
+ Use the correct team name in the Vcs references
-- Mike Gabriel <sunweaver@debian.org> Wed, 18 Dec 2019 09:51:48 +0100
libvncserver (0.9.12+dfsg-4) unstable; urgency=medium
[ Antoni Villalonga ]
* debian/control:
+ Remove obsolete D (libvncserver-dev): libvncserver-config. (Closes:
#946598).
-- Mike Gabriel <sunweaver@debian.org> Wed, 11 Dec 2019 21:58:16 +0100
libvncserver (0.9.12+dfsg-3) unstable; urgency=medium
* Re-upload to unstable as-is.
-- Mike Gabriel <sunweaver@debian.org> Wed, 11 Dec 2019 08:02:19 +0100
libvncserver (0.9.12+dfsg-2) experimental; urgency=medium
* debian/changelog:
+ Weave-in NMU changelog stanzas from previous security uploads
(0.9.11+dfsg-1.1 through to 0.9.11+dfsg-1.3).
* debian/patches:
+ Use subdirs for CVE issues.
+ Re-add erroneously removed patch/fix for CVE-2018-20750.
+ Rebase patch/fix for CVE-2019-15681.
-- Mike Gabriel <sunweaver@debian.org> Fri, 29 Nov 2019 09:50:45 +0100
libvncserver (0.9.12+dfsg-1) experimental; urgency=medium
* New upstream release to experimental. (Closes: #918777).
* debian/{control,compat}:
+ Switch to debhelper-compat notation. Bump DH compat level to version 12.
* debian/control:
+ Bump Standards-Version: to 4.4.1. No changes needed.
+ Add Rules-Requires-Root: field and set it to "no".
+ Move package maintenance to Debian Remote Maintainers team, after
personal communication with Peter Spiess-Knafl. Thanks for all
previous contributions. Also, make myself uploader.
+ Update Vcs-*: fields. Packaging VCS has been moved over to
salsa.debian.org.
+ Update B-Ds; Use cmake for building this package from now on.
Autotools support has been dropped by upstream.
+ Add B-D: liblzo2-dev. Avoid building embedded miniLZO implementation.
+ Add B-D: libsasl2-dev.
* debian/patches:
+ Drop all previous added CVE security fixes. All applied upstream.
+ Drop 0001-ignore_webclients.patch. No automake support available in
upstream sources anymore.
+ Drop remove-libpng.patch. Not required anymore since cmake build switch.
+ Add 0001_cmake-multiarch-support.patch. Fix install_targets, so that they
install to multi-arch libdir.
+ CVE-2019-15681: Add CVE-2019-15681.patch. rfbserver: don't leak stack
memory to the remote. (Closes: #943793).
* debian/rules:
+ Add get-orig-source target for maintainers' convenience.
+ Fully switch to cmake based build. Make sure WITH_PNG gets disabled.
+ Enable all hardening flags.
* debian/{control,libvncserver-config.*}:
+ Drop bin:pkg libvncserver-config. Replace by pkgconfig .pc files.
* debian/libvnc*.symbols:
+ Update symbols files.
+ Add *Build-Depends-Package: meta-data fields.
* debian/libvncserver-dev.install:
+ Drop *.a files. No built by cmake based build implementation anymore.
* debian/{control,rules}:
+ Drop dbg:pkgs, start a very late dbgsym migration.
* debian/source/lintian-overrides:
+ Override debug-symbol-migration-possibly-complete. It will be in
bullseye+1.
* debian/copyright:
+ Use secure URL in Format: field.
* debian/libvncserver-dev.examples:
+ Install examples/ folder into dev:pkg.
* debian/{changelog,control,copyright}:
+ Strip white-spaces off at EOLs.
* debian/tests/smoketest-libvnc*:
+ Stop using $ADDTMP, replace by $AUTOPKGTEST_TMP.
* debian/upstream/metadata:
+ Add DEP-12 compliant metadata file
-- Mike Gabriel <sunweaver@debian.org> Thu, 28 Nov 2019 23:43:20 +0100
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libvncserver1`.
Generated by dwww version 1.15 on Sun May 19 04:51:47 CEST 2024.