Comment 24 for bug 65795

This *is* a security bug - if vino authenticated the user using free password area instead of a real password, an attacker might predict what will be the content of the freed memory area, use it as the authentication password, and gain unauthorized access to the VNC server, without having to guess the user password!
Will you please upload a security fix?