chocolatey-packages icon indicating copy to clipboard operation
chocolatey-packages copied to clipboard

Published 20 hours ago verified publisher icon dtgm

UltraVNC

Open Neustradamus opened this issue 1 year ago • 4 comments

Hello @dtgm,

It is possible to do an update for UltraVNC?

  • https://github.com/search?q=repo%3Adtgm%2Fchocolatey-packages+ultravnc&type=code

It is possible to remove all old UltraVNC versions for security?

  • https://github.com/dtgm/chocolatey-packages/tree/master/automatic/_output/ultravnc

Note: The official website is https://uvnc.com/ (https and without www) and the forum is https://forum.uvnc.com/. Announcement here: https://forum.uvnc.com/viewforum.php?f=56

Thanks in advance.

Neustradamus avatar Nov 19 '23 04:11 Neustradamus

@Neustradamus can I ask what brought you to this repository to ask this question?

@mkevenaar is actually now the maintainer of the UltraVNC package.

gep13 avatar Nov 27 '23 10:11 gep13

Dear @gep13,

Thanks for your answser! You can see that all UltraVNC versions are old and unsecure, and the current latest version is 1.4.3.6. It is important to remove all old versions and add only the current latest version for security...

Thanks in advance.

cc: @mkevenaar.

Neustradamus avatar Nov 27 '23 15:11 Neustradamus

@Neustradamus thank you for getting back to me.

Can you point me to somewhere that states that all old versions of UltraVNC an insecure? What specific versions are you referring to here?

gep13 avatar Dec 04 '23 21:12 gep13

@gep13: Some examples about old versions:

  • https://www.cvedetails.com/vulnerability-list/vendor_id-4294/Ultravnc.html
  • https://www.cvedetails.com/vulnerability-list/vendor_id-20752/Uvnc.html

And there are fixes without CVEs.

The source code is here:

  • https://github.com/ultravnc/UltraVNC

Neustradamus avatar Dec 04 '23 21:12 Neustradamus