TigerVNC 1.4.1 is now available. This is release is in response to the recent Xorg Security Advisory. There are no known vulnerabilities in TigerVNC itself related to this advisory, however some of the changes to the Xorg codebase were not compatible with TigerVNC.
Additionally, the binary packages supplied by the TigerVNC team were built against vulnerable versions of Xorg. The EL6 and Ubuntu Precise & Trusty packages rely on their respective distribution to mitigate the Xorg CVEs. All of these packages have been rebuilt against the latest upstream Xorg source packages but are otherwise essentially unchanged from the 1.4.0 release. The generic and EL5 binaries were previously built against an older version Xorg to which the CVE patches could not be readily applied. As a result, the following changes were made to the generic and EL5 binaries:
Project Evergreen support for openSUSE 11.4 ended in October and as such, TigerVNC can no longer supply binary packages for this distribution. openSUSE 11.4 users should use the generic binaries instead.
Binaries are available from bintray:
https://bintray.com/tigervnc/stable/tigervnc/1.4.1
Regards
The TigerVNC Developers