CVE-2011-1775 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1775): The CSecurityTLS::processMsg function in common/rfb/CSecurityTLS.cxx in the vncviewer component in TigerVNC 1.1beta1 does not properly verify the server's X.509 certificate, which allows man-in-the-middle attackers to spoof a TLS VNC server via an arbitrary certificate.
No version of tigervnc in the tree is affected by this bug. Current stable version already has the fix.
Sorry, the Whiteboard was wrong. GLSA vote: NO.
NO too, closing.