TigerVNC affected by X.Org X Server vulnerabilities #2714

pmenzel · 2022-07-15T11:04:27Z

TigerVNC uses X.Org X Server upstream sources, and patches them.

Lines 5 to 16 in 9e2db18

    
           XORG_SERVER_VERSION=1.20.2 
        
           XORG_SERVER_NNN=120 
        
           ## this file was created by bee init and should be executed to build a 
        
           ## bee-package. (Additional hints are located at the end of this file.) 
        
           ############################################################################### 
        
           ## The source URL(s) define the location of the sources that will be 
        
           ## downloaded. Version variables may be used to simplify reuse of this bee-file. 
        
           SRCURL[0]="https://github.com/TigerVNC/tigervnc/archive/v${PKGVERSION}/tigervnc-${PKGVERSION}.tar.gz" 
        
           SRCURL[1]="https://ftp.x.org/pub/individual/xserver/xorg-server-$XORG_SERVER_VERSION.tar.bz2"

bee-files/tigervnc.be0

Lines 72 to 74 in 9e2db18

    
           start_cmd cp -R $S/xorg-server-$XORG_SERVER_VERSION/* $B/unix/xserver/ 
        
           start_cmd cd unix/xserver 
        
           start_cmd patch -p1 < $S/unix/xserver$XORG_SERVER_NNN.patch

Just updating TigerVNC to the latest version 1.12.0 is not that easy, as they removed the vncserver script, and the TigerVNC is supposed to run as a system service.

The text was updated successfully, but these errors were encountered:

pmenzel · 2022-07-15T12:51:59Z

It does not seem too critical.

TigerVNC affected by X.Org X Server vulnerabilities #2714

TigerVNC affected by X.Org X Server vulnerabilities #2714

pmenzel commented Jul 15, 2022

pmenzel commented Jul 15, 2022

TigerVNC affected by X.Org X Server vulnerabilities #2714

TigerVNC affected by X.Org X Server vulnerabilities #2714

Comments

pmenzel commented Jul 15, 2022

pmenzel commented Jul 15, 2022