This is a security update for TigerVNC 1.7.0 which fixes a memory
overflow issue via the RRE decoder. A malicious server could possibly
use this issue to take control of the TigerVNC viewer.
Users are advised to upgrade as soon as possible.
Still using xorg-server-1.17.2 for now.
The proper release of TigerVNC 1.7.0 is now available. Lots of
changes have been made since the last release, but the highlights
are:
Multi-threaded decoder in the FLTK viewer
Windows Vista/2008 is now the minimum requirement
Improved SSH integration in the Java viewer
Fine grained lock down of Xvnc parameters
Compatibility with Xorg 1.18
Lots of packaging fixes
Better compatibility with Vino, both in the FLTK and Java viewer
Do not update xserver used, still 1.17.2.
Release notes:
TigerVNC 1.6.0 is now available. This release is mostly about fixing
various bugs and polishing existing features, but there are some
notable new things:
* Multi-head support in the Java viewer
* Better certificate handling in the Java viewer, including host
name verification
TigerVNC 1.5.0 - Lots of changes have been made since
the last release, but the highlights are:
- IPv6 support in the servers
- You can now have two passwords, one for full access and one for
"view only".
- syslog support in Xvnc
- GnuTLS priority configuration
- Performance fixes
- You can now easily start more clients on OS X
- More translations
TigerVNC 1.4.3 - This release addresses the following issues:
- Upstream patches applied to the underlying Xorg code base to
mitigate CVE-2015-0255.
- Fixes for performance regressions introduced in 1.4.0.
- Character encoding of clipboard text send by Java viewer now
strictly adheres to the RFB specification.
TigerVNC 1.4.1 - This is release is in response to the recent Xorg
Security Advisory. There are no known vulnerabilities in TigerVNC itself
related to this advisory, however some of the changes to the Xorg
codebase were not compatible with TigerVNC.
TigerVNC 1.4.0 - Lots of changes have been made since
the last release, but the highlights are:
- Colour map (aka indexed, palette) mode is largely removed. TigerVNC
is still compatible with other VNC implementations, but you can no
longer run Xvnc in colour map mode.
- Improvements to the keyboard handling both on the server and client
- Support for newer Xorg versions in the server build
- x0vncserver now supports XDamage for instant updates, making it
slightly less useless
- WinVNC now works in service mode on newer Windows versions
- Better full screen mode for the Java client on OS X
- man pages should now be up to date
- Improved TLS implementation in the Java client
- Lots and lots of cleanups and bug fixes
and mwdavies, who added the Xvnc build.
TigerVNC is a high-performance, platform-neutral implementation of
VNC (Virtual Network Computing), a client/server application that
allows users to launch and interact with graphical applications on
remote machines. TigerVNC provides the levels of performance
necessary to run 3D and video applications, and it attempts to
maintain a common look and feel and re-use components, where
possible, across the various platforms that it supports. TigerVNC
also provides extensions for advanced authentication methods and
TLS encryption.
