diff -Nurp 7/vnc4-4.1.1+X4.3.0/common/rfb/SConnection.cxx 10/vnc4-4.1.1+X4.3.0/common/rfb/SConnection.cxx --- 7/vnc4-4.1.1+X4.3.0/common/rfb/SConnection.cxx 2005-03-11 10:08:41.000000000 -0500 +++ 10/vnc4-4.1.1+X4.3.0/common/rfb/SConnection.cxx 2006-05-18 06:04:48.000000000 -0400 @@ -181,6 +181,16 @@ void SConnection::processSecurityTypeMsg vlog.info("Client requests security type %s(%d)", secTypeName(secType),secType); + std::list secTypes; + std::list::iterator i; + securityFactory->getSecTypes(&secTypes, reverseConnection); + for (i=secTypes.begin(); i!=secTypes.end(); i++) + if (*i == secType) + break; + + if (*i != secType) + throwConnFailedException("Unexpected security type"); + try { state_ = RFBSTATE_SECURITY; security = securityFactory->getSSecurity(secType, reverseConnection); diff -Nurp 7/vnc4-4.1.1+X4.3.0/debian/changelog 10/vnc4-4.1.1+X4.3.0/debian/changelog --- 7/vnc4-4.1.1+X4.3.0/debian/changelog 2006-05-17 17:43:38.000000000 -0400 +++ 10/vnc4-4.1.1+X4.3.0/debian/changelog 2006-05-18 06:04:48.000000000 -0400 
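Review bot: The post-loop test `if (*i != secType)` dereferences `i` after the loop has run to completion, and at that point `i == secTypes.end()`, so the rejection of a security type the server never offered rests on undefined behaviour. Whatever happens to be read there could in principle compare equal to `secType` and let the request through to `getSSecurity`. Test the iterator instead: `if (i == secTypes.end())` followed by the same `throwConnFailedException("Unexpected security type");`. processSecurityTypeMsg starts and ends outside the hunk.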
@@ -1,3 +1,29 @@ +vnc4 (4.1.1+X4.3.0-10) unstable; urgency=high + + * Correction of critical security issue. Thanks to Martin Kogler + that informed me about the issue, + and provided the patch. + This flaw was originally found by Steve Wiseman of intelliadmin.com. + * Applied patch from Javier Kohen that + inform the user that only 8 first characters of the password will + actually be used when typing more than 8 characters, closes: + #355619. + + -- Ola Lundqvist Mon, 15 May 2006 20:35:17 +0200 + +vnc4 (4.1.1+X4.3.0-9) unstable; urgency=low + + * Final corrections that closes: #363296. + + -- Ola Lundqvist Thu, 27 Apr 2006 07:04:56 +0200 + +vnc4 (4.1.1+X4.3.0-8) unstable; urgency=low + + * Correction in passwd call, closes: #364665. Thanks to + Taco IJsselmuiden for the fix. + + -- Ola Lundqvist Mon, 24 Apr 2006 22:21:12 +0200 + vnc4 (4.1.1+X4.3.0-7) unstable; urgency=low * Applied patch from Andreas Jochens to make it build diff -Nurp 7/vnc4-4.1.1+X4.3.0/unix/vncpasswd/vncpasswd.cxx 10/vnc4-4.1.1+X4.3.0/unix/vncpasswd/vncpasswd.cxx --- 7/vnc4-4.1.1+X4.3.0/unix/vncpasswd/vncpasswd.cxx 2005-03-11 10:08:41.000000000 -0500 +++ 10/vnc4-4.1.1+X4.3.0/unix/vncpasswd/vncpasswd.cxx 2006-05-18 06:04:48.000000000 -0400 @@ -117,6 +117,9 @@ int main(int argc, char** argv) continue; } + if (strlen(passwd.buf) > 8) + fprintf(stderr,"Password too long - only the first 8 characters will be used\n"); + FILE* fp = fopen(fname,"w"); if (!fp) { fprintf(stderr,"Couldn't open %s for writing\n",fname); diff -Nurp 7/vnc4-4.1.1+X4.3.0/unix/vncserver 10/vnc4-4.1.1+X4.3.0/unix/vncserver --- 7/vnc4-4.1.1+X4.3.0/unix/vncserver 2006-05-17 17:43:38.000000000 -0400 +++ 10/vnc4-4.1.1+X4.3.0/unix/vncserver 2006-05-18 06:04:48.000000000 -0400 
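Review bot: The literal `8` in `strlen(passwd.buf) > 8` is unexplained, and the warning string is the only place the limit is stated. A named constant, or a comment such as `// only the first 8 bytes of the password are used by VNC authentication`, would tie the check to its reason. The warning goes to stderr and the password file is then written as before, so by the message's own statement two passwords sharing their first 8 characters behave the same; it may be worth saying that outright rather than only "too long". main continues outside the hunk.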
@@ -82,7 +82,7 @@ if (!$fontPath) {
 "/usr/X11R6/lib/X11/fonts/Speedo/,".
 "/usr/X11R6/lib/X11/fonts/misc/,".
 "/usr/X11R6/lib/X11/fonts/75dpi/,".
- "/usr/X11R6/lib/X11/fonts/100dpi/".
+ "/usr/X11R6/lib/X11/fonts/100dpi/,".
 "/usr/share/fonts/X11/misc/,".
 "/usr/share/fonts/X11/Type1/,".
 "/usr/share/fonts/X11/75dpi/,".
@@ -92,7 +92,7 @@ if (!$colorPath) {
 &ReadXFConfigColor;
 }
 if (!$colorPath) {
- foreach ("/usr/X11R6/lib/X11/rgb"){
+ foreach ("/etc/X11/rgb", "/usr/share/X11/rgb", "/usr/X11R6/lib/X11/rgb"){
 $colorPath = $_;
 last if ( -e "${colorPath}.txt" );
 }
@@ -189,7 +189,7 @@ if (!-d _ || !-o _ || ($vncUserDirUnderT
 ($z,$z,$mode) = stat("$vncUserDir/passwd");
 if (!(-e "$vncUserDir/passwd") || ($mode & 077)) {
 warn "\nYou will require a password to access your desktops.\n\n";
- system("vncpasswd -q $vncUserDir/passwd");
+ system("vncpasswd $vncUserDir/passwd");
 if (($? >> 8) != 0) {
 exit 1;
 }
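Review bot: In the `foreach` over the three rgb locations, `$colorPath` is assigned before the `-e` test, so when none of the `.txt` files exists it is left pointing at the last entry, `/usr/X11R6/lib/X11/rgb`. That preserves the previous default, but the loop does not make it obvious. A comment such as `# falls back to the last candidate when no rgb.txt is found` would document it.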
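Review bot: The new `system("vncpasswd $vncUserDir/passwd");` still passes a single interpolated string, which Perl word-splits or hands to the shell, so a `$vncUserDir` containing spaces or shell-special characters is split or interpreted before vncpasswd sees it. The list form bypasses the shell: `system("vncpasswd", "$vncUserDir/passwd");`. Where `$vncUserDir` is set lies outside the hunk, so how much of it comes from the environment is not visible here.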