Debian Patches
Status for tightvnc/1:1.3.10-9
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| configure-by-size-width-and-byte-order.patch | Overload upstream's configurations per machine type Final configuration is done by __BYTE_ORDER__ AND __SIZE_WIDTH__. | Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-02-09 | ||
| CVE-2014-6053.patch | [PATCH] Check malloc() return value on client->server ClientCutText message. Client can send up to 2**32-1 bytes of text, and such a large allocation is likely to fail in case of high memory pressure. This would in a server crash (write at address 0). [sunweaver] port libvncserver patch over to tightvnc's vnc server code |
Nicolas Ruff <nruff@google.com> | no | 2014-08-18 | ||
| CVE-2018-20021.patch | CVE-2018-20021 CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM |
no | ||||
| CVE-2018-20022.patch | CVE-2018-20022 multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and in bypassing ASLR |
no | ||||
| CVE-2018-7225.patch | CVE-2018-7225 [sunweaver] port libvncserver patch over to tightvnc's VNC server code |
Mike Gabriel <sunweaver@debian.org> | no | debian | https://github.com/LibVNC/libvncserver/commit/b0c77391e6bd0a2305bbc9b37a2499af74ddd9ee | 2018-06-05 |
| CVE-2019-15678-addon.patch | [PATCH] LibVNCClient: ignore server-sent reason strings longer than 1MB Fixes #273 [sunweaver] Extract these few lines from the above referenced patch and port to tightvnc. This patch was part of the fix series for CVE-2018-20748/libvncserver |
Christian Beier <dontmind@freeshell.org> | no | 2018-12-29 | ||
| CVE-2019-15678.patch | [PATCH] LibVNCClient: ignore server-sent cut text longer than 1MB This is in line with how LibVNCServer does it (28afb6c537dc82ba04d5f245b15ca7205c6dbb9c) and fixes part of #273. [sunweaver] Port to tightvnc. |
Christian Beier <dontmind@freeshell.org> | no | 2018-12-29 | ||
| CVE-2019-15679.patch | [PATCH] LibVNCClient: fail on server-sent desktop name lengths longer than 1MB re #273 |
Christian Beier <dontmind@freeshell.org> | no | 2019-01-06 | ||
| CVE-2019-15680.patch | no | https://github.com/LibVNC/libvncserver/pull/360/commits/85d00057b5daf71675462c9b175d8cb2d47cd0e1 | ||||
| CVE-2019-15681.patch | [PATCH] rfbserver: don't leak stack memory to the remote Thanks go to Pavel Cheremushkin of Kaspersky for reporting. [sunweaver] Ported to rfbserver.c in tightvnc |
Christian Beier <dontmind@freeshell.org> | no | 2019-08-19 | ||
| CVE-2019-8287.patch | CVE-2019-8287 (same as CVE-2018-20020/libvncserver) heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution |
no | ||||
| debian-changes-1.3.9-6.1.patch | Upstream changes introduced in version 1.3.9-6.1 This patch has been created by dpkg-source during the package build. Here's the last changelog entry, hopefully it gives details on why those changes were made: . tightvnc (1.3.9-6.1) unstable; urgency=low . * Non-maintainer upload. - Update to packaging format "3.0 (quilt)". * debian/compat - Update to 7. * debian/control - (Build-Depends): Update xutils to xutils-dev (important; Closes: #575865). Update to debhelper 7.1. Remove obsolete x-dev. - (Depends): Add ${misc:Depends}. - (Homepage): New field. - (Standards-Version): Update to 3.8.4. - (tightvncserver::Depends): Replace obsolete xbase-clients with x11-utils and xauth. The needed binaries xdpyinfo and xauth are used in Perl program /usr/bin/tightvncserver. * debian/copyright - Point to GPL-2. * debian/patches - (10, 20): Add new patches. - (30): Convert original MIPS patch to apply to current sources. - (tightvnc-ftbfs-mips.patch): Removed. See 30. * debian/*.{postrm,prerm} - Add "set -e". - Fix Lintian maintainer-script-without-set-e. * debian/rules - (CC): Add. Export variable for xmkmf(1). - (DH_COMPAT): Delete; use debian/compat. - (install): Correct tightvncpasswd.1x to tightvncpasswd.1. - (binary-arch): Remove empty directories. * debian/source/format - New file. * debian/watch - New file. * debian/tightvncserver.doc-base - New file. * debian/xtightvncviewer.menu - (section): Update obsolete Apps/Net to Applications/Network/Communication. . The person named in the Author field signed this changelog entry. |
Sven Geuer <debmaint@g-e-u-e-r.de> | no | debian | 2021-05-15 | |
| deprecated-XKeycodeToKeysym.patch | Replace calls to XKeycodeToKeysym by XkbKeycodeToKeysym | Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-02-19 | ||
| fix-spelling.patch | Fix spelling in various files | Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2020-06-24 | ||
| format-security.patch | Fix "format not a string literal and no format arguments" | Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2020-12-19 | ||
| ftbfs-gcc-10.patch | Ensure tightvnc builds with gcc-10 Apply the measure suggested on https://gcc.gnu.org/gcc-10/porting_to.html. For further documentation refer to https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html. |
Sven Geuer <debmaint@g-e-u-e-r.de> | no | debian | 2020-07-24 | |
| ftbfs-hurd-i386.patch | Make tightvnc buildable for the hurd-i386 architecture With hurd-i386 OPEN_MAX is tried to be set to NOFILES_MAX which is undefined. This patch makes sure that OPEN_MAX can always obtain a value. |
Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-03-01 | ||
| ftbfs-sparc64.patch | Make tightvnc buildable for the sparc64 architecture With sparc64 an undefined macro is invoked. This macro is added by the patch. | Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-03-05 | ||
| install-makefile-build-system.patch | Install a Makefiles based build system. | Sven Geuer <sge@debian.org> | no | 2024-07-04 | ||
| more-arm64-fixes.patch | Description: | Ola Lundqvist <opal@debian.org> | no | debian | 2016-06-19 | |
| ppc64el.patch | Add ppc64el support =================================================================== |
Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-05-15 | ||
| remove-upstream-build-system.patch | Remove upstream's entire build system | Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-05-15 | ||
| space-chars-in-home-dir-name.patch | Allow for space characters in the home directory name This patch makes sure $HOME is properly quoted so that unusual characters like spaces, apostrophes etc. do not cause unwanted effects up to the failure to start the VNC server. |
Sven Geuer <debmaint@g-e-u-e-r.de> | no | debian | 2021-03-17 | |
| vncviewer.man.patch | Corrections to vncviewer/vncviewer.man Fix hyphens. Remove unsupported -user option. |
Sven Geuer <debmaint@g-e-u-e-r.de> | no | 2021-10-03 |
Showing 1 to 24 of 24 entries
All known versions for source package 'tightvnc'
- 1:1.3.10-9 (sid, trixie)
- 1:1.3.10-7 (bookworm)
- 1:1.3.10-3 (bullseye)