This *is* a security bug - if vino authenticated the user using free password area instead of a real password, an attacker might predict what will be the content of the freed memory area, use it as the authentication password, and gain unauthorized access to the VNC server, without having to guess the user password! Will you please upload a security fix?
-- vino won't accept my password https://launchpad.net/bugs/65795 -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
