[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Hmmm, vncviewer no longer works after update - protects from security problem.



Rick Stevens wrote:
On Thu, 2006-05-18 at 00:39 +0200, wwp wrote:
Hello Rick,


On Wed, 17 May 2006 15:32:30 -0700 Rick Stevens <rstevens vitalstream com> wrote:

Interesting.  Several of my systems (both FC4 and FC5) will no longer
permit vncviewer connections after updates to vnc and vnc-server.  There
Yes, after looking at the threads, it appears that it's been squawked to
Bugzilla.
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191692

I did get around it by uninstalling the -4.1.1-37 versions, going to
mirrors.kernel.org and pulling down the previous versions
(-4.1.1-36.fc5) and installing them.  It all works again.
+++ do not go back to an older 4.1.1 version, it is susceptible to a security fault even when the remote viewer does not provide the correct password ! +++

2006-05-21 Sun: new security fixed vnc rpms in repo !!!

# rpm -q --changelog vnc-server
* Thu May 18 2006 Jitka Kudrnacova <jkudrnac redhat com> 4.1.1-38.fc5
- really fixed authentication

* Wed May 17 2006 Jitka Kudrnacova <jkudrnac redhat com> 4.1.1-37.fc5
- Fixed authentication (bug #191692), upstream patch

* Fri May 12 2006 Jitka Kudrnacova <jkudrnacova redhat com> 4.1.1.-36.fc5
- fixed crash of Xvnc caused by a NULL pointer in interface (bug #187607)
- this also fixes crash of Xvnc when vpnc is running (bug #187069)

4.1.1-38 seems to work OK for me, as both vnc-viewer and vnc-server

DaveT.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]