- Overall changes: * LibVNCServer/LibVNCClient development now uses continous intregration, provided by TravisCI. - LibVNCClient: * Now initializes libgcrypt before use if the application did not do it. Fixes a crash when connection to Mac hosts * Various fixes that result in more stable handling of malicious or broken servers. * Removed broken and unmaintained H264 decoding. * Some documentation fixes. * Added hooks to WriteToTLS() for optional protection by mutex. - LibVNCServer: * Stability fixes for the WebSocket implementation. * Replaced SHA1 implementation with the one from RFC 6234. * The built-in HTTP server does not allow directory traversals anymore. * The built-in HTTP now sends correct MIME types for CSS and SVG. * Added support for systemd socket activation. * Made it possible to get autoPort behavior with either ipv4 or ipv6 disabled. * Fixed starting of an onHold-client in threaded mode.
... and fixes CVE-2016-9941 and CVE-2016-9942.
Created attachment 460202 [details, diff] 0004-net-libs-libvncserver-0.9.12-bump-rm-old-patches.patch I don't see the benefits of moving to CMake at this time.
@ Alex, commit 07d5101f6a94c8221226ae66e33c903a1bc8b4ad is not v0.9.12. When upstream starts a new development cycle it is one of its first commit to update version information but this will only be the version number for the next release. Please advise if I should use the same patch for a bump to v0.9.11 or if you provide an updated patch.
Created attachment 460228 [details, diff] 0004-net-libs-libvncserver-0.9.12_pre-bump-rm-old-patches.patch changed the file name and moved the ref one commit newer.
Created attachment 460232 [details, diff] 0004-net-libs-libvncserver-0.9.11-bump-rm-old-patches.patch changed back to 0.9.11, since I was apparently mistaken on the soname issue.
Now in repository, https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13bf08599c6d332501292db40aea7b9179efc257 Thanks!
no no no no no. it is NOT OK to change my patch to do something I expressly said not to do, and then claim that I did it. I specifically said in bug 578958 that I would not add subslots at this time, and I did not do so in my patch. it is NOT OK to put my name (to be clear, by the git author field) on changes that I did not write, either ethically or legally. if you have some technical argument to make, you can ask me, but you apply my patch to my package as is or not at all. kindly remove the slotting, and note in your commit message that you were the one who inserted it in the first place.
Sorry, I wasn't aware of bug #578958. Reverted via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e156d77839f174236dbe2eab3719af8142f55701
FTR, I hold no hard feelings toward Whissi, but I wanted to make a strong stand on this stuff in general.
