Check ${S}/common/jpeg.
This is caused by poorly written ebuild, the build-system supports using the system copies --with-included-zlib use libz which is distributed with VNC --with-system-jpeg use libjpeg which is distributed with the O/S --without-included-zlib and --with-system-jpeg to econf The jpeg is at least vulnerable to GLSA-200606-11 Please fix the ebuild or lastrite the package
Arches, please stabilize =net-misc/tigervnc-1.0.0-r3, only change is use system's zlib+jpeg. Thanks Samuli for the fix
gah, nvm
... The fix goes to ./configure in common/ directory
Please stabilize =net-misc/tigervnc-1.0.0-r4
x86 stable
sparc stable
alpha/arm/ia64/sh stable
ppc64 done
Marked ppc stable.
Stable for HPPA.
amd64 stable, all arches done.