This is pretty important. I understand that Ubuntu has promoted RealVNC over tightVNC as the default vnc handler in Ubuntu. It would be very embarrasing to have a year old security bug in the distribution release. I think the vulnerability is in the vnc4-server component.
At first there were doubts about whether the 4.1.1 was vulnerable on Linux, but I've seen some reports suggesting that indeed the Linux port is vulnerable. -- vnc4 version bump request 4.1.2 https://bugs.launchpad.net/bugs/139682 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
