Debian have fixed a security bug in tigervnc which is in universe,
so someone needs to generate a debdiff for the security team to
review it and publish the package:
https://bugs.launchpad.net/ubuntu/+source/tigervnc/+bug/2048442
Debian have fixed this by building tigervnc 1.13.1 with xorg-server-source
= 2:21.1.10, but Ubuntu 23.10 has tigervnc 1.12.0+dfsg-8 and
xorg-server-source
2:21.1.7-3ubuntu2.6
On a good day I can build a .deb from source, but I am not familiar with
debdiffs and it is not clear to me that changing the upstream version
(either for mantic or noble) is a casual thing to do.
What is the next step to get this fix published ?
Thanks,
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
