-
vino (3.8.1-0ubuntu9.4) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2020-25708.patch: fix possible divide-by-zero in
server/libvncserver/rfbserver.c.
- CVE-2020-25708
-- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Nov 2020 12:56:51 -0300
-
vino (3.8.1-0ubuntu9.3) xenial-security; urgency=medium
* SECURITY UPDATE: DoS via unchecked malloc
- debian/patches/CVE-2014-6053.patch: check malloc() return value in
server/libvncserver/rfbserver.c.
- CVE-2014-6053
* SECURITY UPDATE: client cut length issue
- debian/patches/CVE-2018-7225.patch: limit client cut text length to
1 MB in server/libvncserver/rfbserver.c.
- CVE-2018-7225
* SECURITY UPDATE: information disclosure via memory leak
- debian/patches/CVE-2019-15681.patch: don't leak stack memory to the
remote in server/libvncserver/rfbserver.c.
- CVE-2019-15681
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2020-14397.patch: add missing NULL pointer checks
in server/libvncserver/rfbregion.c, server/libvncserver/rfbserver.c.
- CVE-2020-14397
* SECURITY UPDATE: out-of-bounds access via encodings
- debian/patches/CVE-2020-1440x.patch: prevent OOB accesses in
server/libvncserver/corre.c, server/libvncserver/hextile.c,
server/libvncserver/rre.c.
- CVE-2020-14402
- CVE-2020-14403
- CVE-2020-14404
-- Marc Deslauriers <email address hidden> Tue, 06 Oct 2020 10:43:50 -0400
-
vino (3.8.1-0ubuntu9.2) xenial; urgency=medium
* Add debian/links to symlink the hidden vino autostart .desktop to
/usr/share/applications/ which is needed for the Desktop Sharing feature
in GNOME's Settings app to work. Thanks Florian Apolloner for the bug
report and suggested fix. (LP: #1607663)
-- Jeremy Bicha <email address hidden> Sat, 01 Oct 2016 22:57:04 -0400
-
vino (3.8.1-0ubuntu9.1) xenial; urgency=medium
* debian/patches/05_use-system-miniupnpc.patch:
- use correct arguments for upnp calls, fixes vino server eating
cpu and not responding once the corresponding option is enabled
(lp: #1610547)
-- Sebastien Bacher <email address hidden> Wed, 10 Aug 2016 11:03:23 +0200
-
vino (3.8.1-0ubuntu9) xenial; urgency=medium
* No-change rebuild for gnutls transition.
-- Matthias Klose <email address hidden> Wed, 17 Feb 2016 22:41:52 +0000
-
vino (3.8.1-0ubuntu8) xenial; urgency=low
* Fixes the bug with vino not launching when starting user sharing under
GNOME due to its reliance on "enabled" gsettings key. (LP :#1518813)
-- Robert Hoenig <email address hidden> Sun, 10 Jan 2016 10:51:46 +0100
-
vino (3.8.1-0ubuntu7) xenial; urgency=medium
* debian/patches/git_struct_init.patch:
- "Be more careful with memory allocation", should fix some of the
segfault issues reports (lp: #987287)
* debian/patches/git_small_bugfixes.patch:
- backport some easy bugfixes
* debian/patches/git_no_http_server.patch:
- remove http server, it's not used and listen on interfaces for no
reason (lp: #984093)
-- Sebastien Bacher <email address hidden> Fri, 20 Nov 2015 16:51:19 +0100
-
vino (3.8.1-0ubuntu6) wily; urgency=medium
* debian/control:
- Switch build-depends from transitional libgcrypt11-dev to libgcrypt20-dev
-- Robert Ancell <email address hidden> Fri, 07 Aug 2015 12:56:30 +1200
