Accepting request 1247934 from X11:Wayland

- Update to 0.9.3: * Fix some instances of use-after-free that can be reached before authentication takes place. Those should be viewed as potential vulnerabilities, so it would be prudent to upgrade ASAP if you're running Neat VNC on the internet. * Fix a few issues with WebSockets. One of those bugs will allow an unauthenticated client to put the server into an endless loop when parsing HTTP headers. There were also problems with ping message handling and the way some legacy clients/browsers were being dealt with that he fixed. OBS-URL: https://build.opensuse.org/request/show/1247934 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=16
2025-02-24 14:48:42 +00:00 · 2025-02-24 14:48:42 +00:00 · dbac61387c
commit dbac61387c
parent e269acbfdc 121f2789b7
6 changed files with 23 additions and 9 deletions
--- a/4
+++ b/4
@ -3,8 +3,8 @@
  <service name="obs_scm" mode="manual">
    <param name="scm">git</param>
    <param name="url">https://github.com/any1/neatvnc.git</param>
-    <param name="revision">4c37ae9349f16a255cd3e95ed7931c71e6abf8fc</param>
-    <param name="versionformat">0.9.2</param>
+    <param name="revision">af5811b75e63f53d1d1f1f3f337387553a96786a</param>
+    <param name="versionformat">0.9.3</param>
  </service>
  <service name="tar" mode="manual"/>
  <service name="recompress" mode="manual">
--- a/neatvnc-0.9.2.tar.xz
+++ b/neatvnc-0.9.2.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:310f33ff7ba0a2cf248e12e18557efd1374dac4a256ae3ee2f9dcd71d3e4600d
-size 785168
--- a/neatvnc-0.9.3.tar.xz
+++ b/neatvnc-0.9.3.tar.xz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:684f052ecb53db8b438b64bfe0b43795db08da5bb90fddf3b207910face5b55a
+size 785344
--- a/neatvnc.changes
+++ b/neatvnc.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Sun Feb 23 18:23:21 UTC 2025 - Michael Vetter <mvetter@suse.com>
+
+- Update to 0.9.3:
+  * Fix some instances of use-after-free that can be reached before
+    authentication takes place. Those should be viewed as potential
+    vulnerabilities, so it would be prudent to upgrade ASAP if you're
+    running Neat VNC on the internet.
+  * Fix a few issues with WebSockets. One of those bugs will allow
+    an unauthenticated client to put the server into an endless
+    loop when parsing HTTP headers. There were also problems with
+    ping message handling and the way some legacy clients/browsers
+    were being dealt with that he fixed.
+
 -------------------------------------------------------------------
 Mon Dec 30 11:06:23 UTC 2024 - Michael Vetter <mvetter@suse.com>

--- a/neatvnc.obsinfo
+++ b/neatvnc.obsinfo
@ -1,4 +1,4 @@
 name: neatvnc
-version: 0.9.2
-mtime: 1733604143
-commit: 4c37ae9349f16a255cd3e95ed7931c71e6abf8fc
+version: 0.9.3
+mtime: 1740304370
+commit: af5811b75e63f53d1d1f1f3f337387553a96786a
--- a/neatvnc.spec
+++ b/neatvnc.spec
@ -19,7 +19,7 @@
 %define libsoname libneatvnc0

 Name:           neatvnc
-Version:        0.9.2
+Version:        0.9.3
 Release:        0
 Summary:        A VNC server library
 License:        ISC