_This is a vulnerability fix release._
Fixes a XSS issue in which the remote VNC server could inject
arbitrary HTML into the noVNC web page via the messages propagated
to the status field, such as the VNC server name.
This affects users of vnc_auto.html and vnc.html, as well as any
users of include/ui.js.
OBS-URL: https://build.opensuse.org/package/show/Cloud:OpenStack:Factory/novnc?expand=0&rev=17
- Update to 0.5.1:
+ Improved keyboard support via use of keysyms.js
+ Fix HEXTILE "blank" tile support
+ lower minimum width to accommodate smaller screens
+ Fix issue causing true-color cursors to not be changed
+ Fix subprotocol support for the TIGHT encoding
- Changes from 0.5.0:
+ General Fixes/Improvements:
- Use Object.defineProperty on Array prototype to prevent
issues with enumeration
- Internal Refactor for improved testability
- Improved parsing of query string parameters
- Support container page scrolling
- Fixed IE10 keyboard support
- Fixes for mobile keyboards (Android and iOS)
- Improved foreign keyboard support
- dynamic script loading without document.write
+ Protocol Support:
- TightVNC support (we support choosing the NOTUNNEL type if
tunnels are requested)
- XVP Support
- Update license tag to "MPL-2.0; LGPL-3.0", following relicensing.
- Drop novnc-0.3-call-websockify.patch,
novnc-0.3-nova-wsproxy.patch: not needed anymore.
OBS-URL: https://build.opensuse.org/request/show/313222
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/novnc?expand=0&rev=5
