Hello community, here is the log from the commit of package LibVNCServer for openSUSE:Factory checked in at 2020-07-01 18:22:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/LibVNCServer (Old) and /work/SRC/openSUSE:Factory/.LibVNCServer.new.3060 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "LibVNCServer" Wed Jul 1 18:22:08 2020 rev:43 rq:817795 version:0.9.13 Changes: -------- --- /work/SRC/openSUSE:Factory/LibVNCServer/LibVNCServer.changes 2020-05-07 17:49:42.305168727 +0200 +++ /work/SRC/openSUSE:Factory/.LibVNCServer.new.3060/LibVNCServer.changes 2020-07-01 18:22:09.673851281 +0200 @@ -1,0 +2,42 @@ +Tue Jun 30 06:48:57 UTC 2020 - [email protected] + +- version update to 0.9.13 [bsc#1173477] + ## Overall changes: + * Small tweaks to the CMake build system. + * The macOS server example was overhauled and is now the most feature-complete sample + application of the project, ready for real-world use. + * Lots of documentation updates and markdownifying. + * The TravisCI continuous integration now also build-checks cross-compilation from + Linux to Windows. + * Setup a [Gitter community chat](https://gitter.im/LibVNC/libvncserver) for the project. + ## LibVNCServer/LibVNCClient: + * Both LibVNCServer and LibVNCClient now support an additional platform, namely + Microsoft Windows. Building is supported with Visual Studio as well as MingGW. + * The separate crypto routines used by LibVNCClient and LibVNCServer were refactored + into an implementation common to both libraries. + * Several security issues got fixed. + * The bundled noVNC client is now at version 1.1.0 and included via a git submodule. + ## LibVNCClient: + * Added connect timeout as well as read timeout support thanks to Tobias Junghans. + * Both TLS backends now do proper locking of network operations when multi-threaded + thanks to Gaurav Ujjwal. + * Fixed regression in Tight/Raw decoding introduced in 0.9.12 thanks to DRC. + * Fixed encrypted connections to AnonTLS servers when using the OpenSSL back-end. + Made possible by the profound research done by Gaurav Ujjwal. + ## LibVNCServer: + * Added a hooking function (`clientFramebufferUpdateRequestHook`) to deliver + rfbFramebufferUpdateRequest messages from clients to the frame producer + thanks to Jae Hyun Yoo. + * Added SetDesktopSize/ExtendedDesktopSize support thanks to Floris Bos. + * Added multi-threading support for MS Windows. + * Fixed VNC repeater/proxy functionality that was broken in 0.9.12. + * Fixed unstable WebSockets connections thanks to Sebastian Kranz. +- deleted patches + - LibVNCServer-CVE-2019-15681.patch (upstreamed) + - LibVNCServer-CVE-2019-15690.patch (upstreamed) + - LibVNCServer-CVE-2019-20788.patch (upstreamed) + - avoid-pthread_join-if-backgroundLoop-is-FALSE.patch (upstreamed) + - cmake-libdir.patch (upstreamed) + - fix-crash-on-shutdown.patch (upstreamed) + +------------------------------------------------------------------- Old: ---- LibVNCServer-0.9.12.tar.gz LibVNCServer-CVE-2019-15681.patch LibVNCServer-CVE-2019-15690.patch LibVNCServer-CVE-2019-20788.patch avoid-pthread_join-if-backgroundLoop-is-FALSE.patch cmake-libdir.patch fix-crash-on-shutdown.patch New: ---- LibVNCServer-0.9.13.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ LibVNCServer.spec ++++++ --- /var/tmp/diff_new_pack.QOyrWz/_old 2020-07-01 18:22:10.609854168 +0200 +++ /var/tmp/diff_new_pack.QOyrWz/_new 2020-07-01 18:22:10.609854168 +0200 @@ -18,7 +18,7 @@ %define libnum 1 Name: LibVNCServer -Version: 0.9.12 +Version: 0.9.13 Release: 0 Summary: VNC Development Library License: GPL-2.0-or-later @@ -29,18 +29,6 @@ Source1: baselibs.conf #PATCH-FIX-OPENSUSE: redefine keysyms only if needed Patch0: redef-keysym.patch -# https://github.com/LibVNC/libvncserver/issues/281 -Patch1: cmake-libdir.patch -# CVE-2019-15681 [bsc#1155419] -Patch3: LibVNCServer-CVE-2019-15681.patch -# PATCH-FIX-UPSTREAM: https://github.com/LibVNC/libvncserver/commit/d0a76539835d11c0f4723499f8be4bc9c7724eb9 -Patch4: avoid-pthread_join-if-backgroundLoop-is-FALSE.patch -# PATCH-FIX-UPSTREAM: https://github.com/LibVNC/libvncserver/pull/361 -Patch5: fix-crash-on-shutdown.patch -# CVE-2019-20788 [bsc#1170441], integer overflow and heap-based buffer overflow via a large height or width value -Patch6: LibVNCServer-CVE-2019-20788.patch -# CVE-2019-15690 [bsc#1160471], heap buffer overflow -Patch7: LibVNCServer-CVE-2019-15690.patch BuildRequires: cmake BuildRequires: gcc-c++ BuildRequires: libavahi-devel @@ -108,12 +96,6 @@ %prep %setup -q -n libvncserver-%{name}-%{version} %patch0 -p1 -%patch1 -p1 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 # fix encoding for file in ChangeLog ; do mv ${file} ${file}.OLD && \ @@ -152,7 +134,7 @@ %files devel %defattr(-,root,root) -%doc AUTHORS COPYING ChangeLog NEWS README.md TODO +%doc AUTHORS COPYING ChangeLog NEWS.md README.md TODO.md %{_includedir}/rfb/* %dir /usr/include/rfb %{_libdir}/libvncclient.so ++++++ LibVNCServer-0.9.12.tar.gz -> LibVNCServer-0.9.13.tar.gz ++++++ ++++ 107530 lines of diff (skipped)
