Fedora has issued an advisory today (November 13): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/ tigervnc needs to be rebuilt with patched X server from bug 32453. Mageia 8 and 9 are also affected.
Source RPM: (none) => tigervnc-1.13.1-2.mga9.src.rpmWhiteboard: (none) => MGA9TOO, MGA8TOOCC: (none) => nicolas.salguero
No registered maintainer, assigning to all
CC: (none) => marja11Assignee: bugsquad => pkg-bugs
Suggested advisory: ======================== The updated packages fix security vulnerabilities: OOB write in XIChangeDeviceProperty/RRChangeOutputProperty. (CVE-2023-5367) Use-after-free bug in DestroyWindow. (CVE-2023-5380) References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/ https://bugs.mageia.org/show_bug.cgi?id=32453 ======================== Updated packages in 9/core/updates_testing: ======================== tigervnc-1.13.1-2.1.mga9 tigervnc-java-1.13.1-2.1.mga9 tigervnc-server-1.13.1-2.1.mga9 tigervnc-server-module-1.13.1-2.1.mga9 from SRPM: tigervnc-1.13.1-2.1.mga9.src.rpm Updated packages in 8/core/updates_testing: ======================== tigervnc-1.11.0-4.4.mga8 tigervnc-java-1.11.0-4.4.mga8 tigervnc-server-1.11.0-4.4.mga8 tigervnc-server-module-1.11.0-4.4.mga8 from SRPM: tigervnc-1.11.0-4.4.mga8.src.rpm
Status: NEW => ASSIGNEDVersion: Cauldron => 9Whiteboard: MGA9TOO, MGA8TOO => MGA8TOOAssignee: pkg-bugs => qa-bugs
Keywords: (none) => advisory
Advisory from comment 2 added to SVN. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete"
CC: (none) => mageia
MGA8-64 Xfce on Acer Aspire 5253 No installation issues. Following lead on bug 31386 Comment 3 and mudling thru the HOWTO file, apply the settings explained there, I got # systemctl restart vncserver@:1 # systemctl -l status vncserver@:1 ● vncserver@:1.service - Remote desktop service (VNC) Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2023-11-16 11:49:58 CET; 5s ago Process: 2769 ExecStart=/usr/libexec/vncsession-start :1 (code=exited, status=0/SUCCESS) Main PID: 2776 (vncsession) Tasks: 1 (limit: 4364) Memory: 500.0K CPU: 51ms CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service ‣ 2776 /usr/sbin/vncsession tester8vnc :1 Nov 16 11:49:57 mach7.hviaene.thuis systemd[1]: Starting Remote desktop service (VNC)... Nov 16 11:49:58 mach7.hviaene.thuis systemd[1]: Started Remote desktop service (VNC). And then from the desktop PC I could connect to this laptop with remmina, choosing the vnc option and adressing mach7:1. That opened as specified in the vnc-settings , a MATE session on this laptop. Good to go.
Whiteboard: MGA8TOO => MGA8TOO MGA8-64-OKCC: (none) => herman.viaene
Installed and tested without issues. Tested the vncserver by starting the systemd service. Tested clients vncclient, VncViewer.jar and KRDC. Tested through a ssh tunnel. System server: Mageia 8, x86_64, Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz. System client: Mageia 8, x86_64, Plasma DE, LXQt DE, AMD Ryzen 5 5600G with Radeon Graphics. ##### ON THE SERVER ##### # uname -a Linux marte 6.1.45-desktop-1.mga8 #1 SMP PREEMPT_DYNAMIC Fri Aug 11 22:01:56 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux # rpm -qa | grep tigervnc | sort -u tigervnc-1.11.0-4.4.mga8 tigervnc-java-1.11.0-4.4.mga8 tigervnc-server-1.11.0-4.4.mga8 tigervnc-server-module-1.11.0-4.4.mga8 # systemctl status vncserver@\:1.service ● vncserver@:1.service - Remote desktop service (VNC) Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; disabled; vendor preset: disabled) Active: active (running) since Thu 2023-11-16 17:14:31 WET; 1s ago Process: 2308777 ExecStart=/usr/libexec/vncsession-start :1 (code=exited, status=0/SUCCESS) Main PID: 2308783 (vncsession) Tasks: 1 (limit: 19046) Memory: 440.0K CPU: 8ms CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service ‣ 2308783 /usr/sbin/vncsession pclx :1 nov 16 17:14:31 marte systemd[1]: Starting Remote desktop service (VNC)... nov 16 17:14:31 marte systemd[1]: Started Remote desktop service (VNC). ##### On THE CLIENT ##### $ uname -a Linux jupiter 6.1.45-desktop-1.mga8 #1 SMP PREEMPT_DYNAMIC Fri Aug 11 22:01:56 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux $ rpm -qa | grep tigervnc | sort tigervnc-1.11.0-4.3.mga8 tigervnc-java-1.11.0-4.3.mga8 $ vncviewer -geometry 1920x1080 localhost:1 Visualizador TigerVNC 64 bits v1.11.0 Compilado em: 2023-04-05 07:43 Copyright (C) 1999-2020 Equipe TigerVNC e muitos outros (veja README.rst) Veja https://www.tigervnc.org para informação sobre o TigerVNC. Thu Nov 16 17:13:07 2023 DecodeManager: Detected 12 CPU core(s) DecodeManager: Creating 4 decoder thread(s) CConn: Conectado ao host localhost porta 5901 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 CConnection: Choosing security type VeNCrypt(19) CVeNCrypt: Choosing security type TLSVnc (258) Thu Nov 16 17:13:11 2023 DesktopWindow: Ajustando tamanho de janela para evitar solicitação de tela cheia acidental CConn: Usando formato de pixel depth 24 (32bpp) little-endian rgb888 CConnection: Enabling continuous updates $ java -jar /usr/share/java/VncViewer.jar TigerVNC Java Viewer v1.11.0 (20230405) Built on 2023-04-05 at 07:46:25 Copyright (C) 1999-2020 TigerVNC Team and many others (see README.rst) See https://www.tigervnc.org for information on TigerVNC. DecodeManager: Detected 12 CPU core(s) DecodeManager: Creating 4 decoder thread(s) CConn: connected to host localhost port 5901 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 CConn: Using pixel format depth 24 (32bpp) little-endian rgb888 CConnection: Enabling continuous updates
MGA9-64 Xfce on Acer Aspire 5253 No installation issues. Copied changes in /etc/tigervnc and created user to connect with # systemctl restart vncserver@:1 [root@mach7 ~]# systemctl -l status vncserver@:1 ● vncserver@:1.service - Remote desktop service (VNC) Loaded: loaded (/usr/lib/systemd/system/vncserver@.service; disabled; preset: disabled) Active: active (running) since Fri 2023-11-17 10:28:10 CET; 3s ago Process: 22437 ExecStart=/usr/libexec/vncsession-start :1 (code=exited, status=0/SUCCESS) Main PID: 22444 (vncsession) Tasks: 0 (limit: 4317) Memory: 444.0K CPU: 108ms CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service ‣ 22444 /usr/sbin/vncsession tester9vnc :1 Nov 17 10:28:08 mach7.hviaene.thuis systemd[1]: Starting vncserver@:1.service... Nov 17 10:28:10 mach7.hviaene.thuis systemd[1]: Started vncserver@:1.service. Connected form desktop PC with remmina, from own laptop with tigervnc viewer and VncViewer.jar. $ java -jar ./VncViewer.jar Nov 17, 2023 10:41:08 AM java.util.prefs.FileSystemPreferences$1 run INFO: Created user preferences directory. TigerVNC Java Viewer v1.13.1 (20231114) Built on 2023-11-14 at 09:25:46 Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst) See https://www.tigervnc.org for information on TigerVNC. DecodeManager: Detected 2 CPU core(s) DecodeManager: Creating 2 decoder thread(s) CConn: connected to host mach7 port 5901 CConnection: Server supports RFB protocol version 3.8 CConnection: Using RFB protocol version 3.8 CConn: Using pixel format depth 24 (32bpp) little-endian rgb888 CConnection: Enabling continuous updates All worked OK.
Whiteboard: MGA8TOO MGA8-64-OK => MGA8TOO MGA8-64-OK MGA9-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0321.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED