Package: tigervnc-standalone-server Version: 1.12.0+dfsg-8
RedHat have released updates to tigervnc to address CVE-2023-1393, e.g. https://access.redhat.com/errata/RHSA-2023:1592 but https://security-tracker.debian.org/tracker/CVE-2023-1393 does not mention tigervnc, and the latest version predates the CVE. I guess this relates to the binary package tigervnc-standalone-server but the fix might be needed in one or more of the other tigervnc binary packages. Upstream discussion at https://groups.google.com/g/tigervnc-users/c/5dq5O2OAoQI -- Andrew C. Aitchison Kendal, UK and...@aitchison.me.uk