Hello community, here is the log from the commit of package tigervnc for openSUSE:Factory checked in at 2020-09-30 19:54:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/tigervnc (Old) and /work/SRC/openSUSE:Factory/.tigervnc.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "tigervnc" Wed Sep 30 19:54:00 2020 rev:71 rq:838621 version:1.10.1 Changes: -------- --- /work/SRC/openSUSE:Factory/tigervnc/tigervnc.changes 2020-09-29 18:59:22.289596236 +0200 +++ /work/SRC/openSUSE:Factory/.tigervnc.new.4249/tigervnc.changes 2020-09-30 19:54:15.000777126 +0200 @@ -4 +4,5 @@ -- U_0001-Properly-store-certificate-exceptions.patch, +- CVE-2020-26117: Server certificates were stored as certiticate + authoritied, allowing malicious owners of these certificates + to impersonate any server after a client had added an exception + (boo#1176733) + U_0001-Properly-store-certificate-exceptions.patch, @@ -6 +9,0 @@ - * Properly store certificate exceptions (boo#1176733) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------