- Update to 0.9.5:
* Sending an illegal security type would result in use-after-free.
* The required size for the alpha map for cursors was incorrectly
calculated. This resulted in a heap-overflow under some circumstances.
* The buffer transform for the cursor was being applied to the
cursor hotspot. The buffer transform does not apply to the hotspot,
so undoing the transform is incorrect. This resulted in the cursor
being offset from the correct hotspot.
OBS-URL: https://build.opensuse.org/request/show/1296230
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=18
* Sending an illegal security type would result in use-after-free.
* The required size for the alpha map for cursors was incorrectly
calculated. This resulted in a heap-overflow under some circumstances.
* The buffer transform for the cursor was being applied to the
cursor hotspot. The buffer transform does not apply to the hotspot,
so undoing the transform is incorrect. This resulted in the cursor
being offset from the correct hotspot.
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=38
- Update to 0.9.3:
* Fix some instances of use-after-free that can be reached before
authentication takes place. Those should be viewed as potential
vulnerabilities, so it would be prudent to upgrade ASAP if you're
running Neat VNC on the internet.
* Fix a few issues with WebSockets. One of those bugs will allow
an unauthenticated client to put the server into an endless
loop when parsing HTTP headers. There were also problems with
ping message handling and the way some legacy clients/browsers
were being dealt with that he fixed.
OBS-URL: https://build.opensuse.org/request/show/1247934
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=16
* Fix some instances of use-after-free that can be reached before
authentication takes place. Those should be viewed as potential
vulnerabilities, so it would be prudent to upgrade ASAP if you're
running Neat VNC on the internet.
* Fix a few issues with WebSockets. One of those bugs will allow
an unauthenticated client to put the server into an endless
loop when parsing HTTP headers. There were also problems with
ping message handling and the way some legacy clients/browsers
were being dealt with that he fixed.
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=34
- Update to 0.9.2:
* This patch release adds missing bounds checks.
Two buffer overflow vulnerabilities were reported by Frederik
Reiter who also provided patches to fix them.
There are potential security implications, but only authenticated
clients would be able to exploit these vulnerabilities, if at all.
Nevertheless, it is prudent to update as soon as possible.
- Update to 0.9.1:
* Fix a data type mismatch in the clipboard code that caused the
build to fail for 32 bit architectures.
- Update to 0.9.0:
Highlights:
* A v4l2m2m based H.264 encoder that works on Raspberry Pi 1 to 4,
sponsored by Raspberry Pi Ltd.
* Extended clipboard for UTF-8 text was implemented by Attila Fidan.
* Listening on a pre-bound file descriptor, implemented by Attila Fidan.
* The continuous updates extension was implemented by Philipp Zabel.
* We now have simple bandwidth estimation and improved frame pacing.
* Methods for rating pixel formats and modifiers have according to Neat VNC's
preferences have been added.
* The Qemu/VMWare LED state extensions have been implemented.
* H.264 encoders will now encode the correct colour space into the elementary
stream.
Bug fixes:
* Some memory leaks and reference counting errors have been eradicated.
* A race between resizing events and framebuffer updates that would cause a
buffer with the previous size to be sent after a resize event has been fixed.
* Buffers with 24 bits per pixel will now result in 32 bpp being reported to
OBS-URL: https://build.opensuse.org/request/show/1235573
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=15
* This patch release adds missing bounds checks.
Two buffer overflow vulnerabilities were reported by Frederik
Reiter who also provided patches to fix them.
There are potential security implications, but only authenticated
clients would be able to exploit these vulnerabilities, if at all.
Nevertheless, it is prudent to update as soon as possible.
- Update to 0.9.1:
* Fix a data type mismatch in the clipboard code that caused the
build to fail for 32 bit architectures.
- Update to 0.9.0:
Highlights:
* A v4l2m2m based H.264 encoder that works on Raspberry Pi 1 to 4,
sponsored by Raspberry Pi Ltd.
* Extended clipboard for UTF-8 text was implemented by Attila Fidan.
* Listening on a pre-bound file descriptor, implemented by Attila Fidan.
* The continuous updates extension was implemented by Philipp Zabel.
* We now have simple bandwidth estimation and improved frame pacing.
* Methods for rating pixel formats and modifiers have according to Neat VNC's
preferences have been added.
* The Qemu/VMWare LED state extensions have been implemented.
* H.264 encoders will now encode the correct colour space into the elementary
stream.
Bug fixes:
* Some memory leaks and reference counting errors have been eradicated.
* A race between resizing events and framebuffer updates that would cause a
buffer with the previous size to be sent after a resize event has been fixed.
* Buffers with 24 bits per pixel will now result in 32 bpp being reported to
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=31
- Update to 0.8.1+git20241008.b539421 adding a _service file to
get the sources from git. This fixes a FTBFS with ffmpeg-7 in
Factory. Note that we can't use @PARENT_TAG@ in the _service
file because 0.8.1 was branched from the v0.8 branch so using it
would look like going back to 0.8.0.
- Add a patch to keep building with older ffmpeg versions too
as well as find the gmp dependency, which can't be found using
pkgconfig in 15.6:
* fix-build-in-15.6.patch
OBS-URL: https://build.opensuse.org/request/show/1217303
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=28
- Update to 0.8.0:
Highlights:
* The colour map pixel format as described in RFC 6143 has been
implemented. Before, the client would just get disconnected if
they requested it. Now they get a map that emulates RGB332.
* Momentary interception of log messages. The user can now set a
thread-local log hander and then set it back to the default.
* Philip Zabel made the code more consistent with the style guide.
Breaking Changes:
* nvnc_client_get_hostname has been replaced with nvnc_client_get_address
Bugfixes:
* Apple's Diffie-Hellman authentication (security type 30) has been fixed.
* A new client connection no longer causes a DNS lookup.
OBS-URL: https://build.opensuse.org/request/show/1150570
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=12
Highlights:
* The colour map pixel format as described in RFC 6143 has been
implemented. Before, the client would just get disconnected if
they requested it. Now they get a map that emulates RGB332.
* Momentary interception of log messages. The user can now set a
thread-local log hander and then set it back to the default.
* Philip Zabel made the code more consistent with the style guide.
Breaking Changes:
* nvnc_client_get_hostname has been replaced with nvnc_client_get_address
Bugfixes:
* Apple's Diffie-Hellman authentication (security type 30) has been fixed.
* A new client connection no longer causes a DNS lookup.
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=23
- Update to 0.7.0:
* Desktop resizing
* Software pixel buffers with less than 32 bits per pixel are now supported
* The server may now choose to open a websocket instead of a regular TCP socket
* The RSA-AES and RSA-AES-256 security types have now been implemented
* A Diffie-Hellman based security type frame Apple is also implemented,
although not recommended
* Murmurhash in the damage refinery has been replaced with xxHash,
which performs much better in my tests so far
* Users should now get proper feedback when authentication fails
OBS-URL: https://build.opensuse.org/request/show/1115753
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=9
* Desktop resizing
* Software pixel buffers with less than 32 bits per pixel are now supported
* The server may now choose to open a websocket instead of a regular TCP socket
* The RSA-AES and RSA-AES-256 security types have now been implemented
* A Diffie-Hellman based security type frame Apple is also implemented,
although not recommended
* Murmurhash in the damage refinery has been replaced with xxHash,
which performs much better in my tests so far
* Users should now get proper feedback when authentication fails
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=17
- Update to 0.6.0:
Highlights:
* The client now has control over h264 quality settings
* Left & right scrolling is now supported
* A custom framebuffer allocator function can now be assigned
* The following functions have been added
+ A function for querying client side cursor support
+ A function to get the hostname of a connected client
+ A function to get the credentials of an authenticated client
+ A function for listing connected clients
+ A function for disconnecting a client
Bug fixes:
* A race condition when a client tries to resize the display before it has an encoder
* Cursor buffers are now freed on close
* Various race conditions in encoders
* Spurious exits due to SIGPIPE
* Occasional leaked buffers when clients disconnect
* Clients no longer linger on exit with TLS
OBS-URL: https://build.opensuse.org/request/show/1060477
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=8
Highlights:
* The client now has control over h264 quality settings
* Left & right scrolling is now supported
* A custom framebuffer allocator function can now be assigned
* The following functions have been added
+ A function for querying client side cursor support
+ A function to get the hostname of a connected client
+ A function to get the credentials of an authenticated client
+ A function for listing connected clients
+ A function for disconnecting a client
Bug fixes:
* A race condition when a client tries to resize the display before it has an encoder
* Cursor buffers are now freed on close
* Various race conditions in encoders
* Spurious exits due to SIGPIPE
* Occasional leaked buffers when clients disconnect
* Clients no longer linger on exit with TLS
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=15
- Update to 0.5.4:
* This fixes stalling during h264 encoding. The FFmpeg devs
seem to think that it's normal to change the default behaviour
of their code, so this needs to be fixed here instead.
- Update to 0.5.3:
* Revert "h264-encoder: Add 30 bit color depth formats"
* server: Fix encoding selection for sw frames
- Update to 0.5.2:
* stream: Remove stray ampersand in tls handshake failure code path
* resampler: Use transformed width as destination stride
- Update to 0.5.1:
* meson: Use partial_dependency() for libdrm cflags
* test: meson: Add missing libdrm_inc dependency
* server: add missing header after f20ffb5e1efe
- Update to 0.5.0:
* H.264 Encoding
* UNIX Sockets
* New framebuffer submission API
* Automatic buffer transforms
* Client side cursor rendering
* Now accepts DMA-BUFs
* Presentation time stamps
* New internal encoder abstraction layer
OBS-URL: https://build.opensuse.org/request/show/1034388
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/neatvnc?expand=0&rev=6
* This fixes stalling during h264 encoding. The FFmpeg devs
seem to think that it's normal to change the default behaviour
of their code, so this needs to be fixed here instead.
- Update to 0.5.3:
* Revert "h264-encoder: Add 30 bit color depth formats"
* server: Fix encoding selection for sw frames
- Update to 0.5.2:
* stream: Remove stray ampersand in tls handshake failure code path
* resampler: Use transformed width as destination stride
- Update to 0.5.1:
* meson: Use partial_dependency() for libdrm cflags
* test: meson: Add missing libdrm_inc dependency
* server: add missing header after f20ffb5e1efe
- Update to 0.5.0:
* H.264 Encoding
* UNIX Sockets
* New framebuffer submission API
* Automatic buffer transforms
* Client side cursor rendering
* Now accepts DMA-BUFs
* Presentation time stamps
* New internal encoder abstraction layer
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=11
Requires aml (request 824743)
- Update to version 0.2.0
- Tight encoding is no longer experimental and also more complete.
+ The encoder employs multiple CPU cores, both for lossy and lossless
compression, which makes it considerably faster than ZRLE, even with
lossless compression.
+ Supports both lossy (JPEG) and lossless (DEFLATE) compression.
+ Allows the client to choose the JPEG "quality" level.
+ Allows the client to choose whether to enable lossy compression or not.
- Service-side resizing: the server can notify the client and resize buffers
when a different display mode is set
- The API has been prepared for adding multi-display suppport. It has not been
implemented, but the (hopefully) won't have to change when it is.
- Version info is baked into the library, so applications linking to neatvnc
can report the version to the user.
- The server can now looks up the address to which to bind using getaddrinfo
OBS-URL: https://build.opensuse.org/request/show/824744
OBS-URL: https://build.opensuse.org/package/show/X11:Wayland/neatvnc?expand=0&rev=5
