This page records changes made to VNC 5.x, most recent first.
5.3.3
- VNC Server no longer reports that support and upgrade entitlement has expired if you currently have a valid VNC Connect (version 6) subscription.
5.3.2
Windows
- FIXED: VNC Server now correctly captures a desktop set to span multiple monitors with different DPI settings.
UNIX and Linux
- FIXED: Setting the
poll parameter to a number of milliseconds (for example 200) in an appropriate configuration file (such as ~/.vnc/config.d/vncserverui-virtual for Virtual Mode) or /etc/vnc/common.custom (for all modes) now works around copy and paste issues in X applications such as gVim.
5.3.1
All platforms
- If VNC Viewer is minimized while in full screen mode, it no longer automatically returns to full screen mode for any reason.
- Setting the advanced
AlterShiftWithMods VNC Server parameter to 0 allows VNC Server to inject key combinations such as Ctrl+C, even if the connected VNC Viewer user has Caps Lock enabled.
- FIXED: Importing a connection into VNC Address Book now also imports that connection’s VNC Server password, if one has been saved.
- FIXED: The name and location of VNC Server’s private RSA key can now be successfully configured via the RsaPrivateKeyFile parameter.
Windows
- FIXED: Installing VNC Server in a non-default location no longer causes connected VNC Viewer users to see a black screen.
UNIX and Linux
- SELinux policy modules are automatically registered on Red Hat-compatible distributions (version 5.0+ only) if SELinux is enabled during installation or upgrade, meaning the
vncserver-x11-serviced and vncserver-virtuald daemons, and printing, work out-of-the-box. On Debian-compatible distros, or if SELinux is enabled later, you can register the policy modules manually.
5.3.0
| Released |
| 16 December 2015 |
All platforms
- NEW: Providing VNC Server and VNC Viewer are both version 5.3, connections use the very latest RFB 5 protocol for enhanced security, with updated cipher suites and support for Perfect Forward Secrecy.
- NEW: VNC Server with an Enterprise or a Personal license can restrict the IP addresses on which it listens for connections, reducing the attack surface. Note the
InTransports parameter has been removed, which means VNC Server with a Free license can no longer listen on just IPv4 addresses, or on just IPv6 addresses.
- NEW: VNC Viewer can send keep alive messages to VNC Server in order to maintain (perhaps minimized) connections that might otherwise be considered idle by routers or gateways, and unexpectedly terminated. Conversely, the same mechanism can clean up connections that have terminated, perhaps due to network failure.
- NEW: VNC Server has a new screen capture architecture that is both more robust and responsive. Users should see fewer disconnections and reconnections when transiting between desktop and login screens. System administrators should be aware of a new
vncagent binary and process.
- Screen capture on Windows 8+ computers using DirectX is now more efficient, giving a better user experience. As part of this work, the
UpdateMethod parameter has been renamed CaptureMethod on all platforms, and has new defaults that make choosing the optimal capture method easier.
- Configuring security for VNC Server at the command line or using policy is now simpler using new, separate, more intuitive Authentication and Encryption parameters. On upgrade,
SecurityTypes and UserPasswdVerifier values are mapped appropriately unless a VNC password is mandated using policy.
- The
vncpasswd utility now has flags that make specifying a VNC password for VNC Server in all modes easier. In addition, running the utility without a flag now shows the help rather than defaulting to VNC Server in User Mode.
- The
Password parameter is now included in policy template files so VNC Server with an Enterprise license can be remotely provisionedwith a VNC password. To obtain a password in the correct obfuscated format, run vncpasswd -print.
Windows
- NEW: Support for Windows 10.
- NEW: VNC Viewer can send media keys such as Play and Volume Up to VNC Server.
- NEW: VNC Server can remap keys received from VNC Viewer, perhaps to inject a non-native character or control key.
UNIX and Linux
- NEW: Support for Ubuntu 15.04—15.10, Debian 8, Red Hat/CentOS 7, and Fedora 21—23.
- By default, VNC Server in Service Mode now logs to the syslog
USER facility, and the VNC Server in Virtual Mode daemon to the DAEMONfacility, instead of to file (note other facilities are available).
- VNC Server in Virtual Mode now checks up to 500 X display numbers for the next available display, up from 99. Note that X displays in the range 0-99 are mapped to ports 5900-5999 as before; subsequently, the mapping is as follows: 100-199 (ports 7100-7199); 200-299 (ports 7300-7399); 300-399 (ports 7500-7599); 400-499 (ports 7700-7799).
- Users in the
sudo group can now authenticate to VNC Server in Service Mode with an Enterprise or a Personal license on Linux platforms out-of-the-box. This is in addition to users in the admin group and the root user.
Mac OS X
- NEW: Support for 10.11 El Capitan.
- NEW: On 10.7+ computers, VNC Viewer can be made full screen in the same way as any other Mac app. Note this does mean the app window can no longer span multiple monitors. To do this, revert to legacy full screen mode.
- NEW: VNC Server can remap keys received from VNC Viewer, perhaps to inject a non-native character or control key.
- VNC Viewer can now send special keys such as Cmd+Tab and the Spotlight shortcut to VNC Server whenever the app window has focus, and not just in full screen mode.
- By default, VNC Server in Service Mode now logs to syslog instead of to file.
5.2.3
Windows
- FIXED: Accept/reject prompts now appear correctly if a host computer user logs out while VNC Viewer users are connecting.
UNIX and Linux
- FIXED: Re-installing or upgrading VNC on certain platforms no longer results in duplicate PAM entries that can prevent connections.
- FIXED: The VNC Server in Virtual Mode daemon (
vncserver-virtuald) no longer crashes the host computer if VNC parameters or Xvnc options in configuration files are specified in the wrong format.
Mac OS X
- The
TryLegacyCaptureMethod VNC parameter can be set to 1 if screen corruption is experienced when connected to headless servers running OS X 10.10 Yosemite.
5.2.2
Windows
- The DisplayDevice VNC Server parameter now remotes virtual monitors that have been force-detected.
- FIXED:
vnckeyhelper.exe, a support utility that enables connected users to perform privileged key presses such as Alt+Tab securely, no longer checks online for revoked certificates.
UNIX and Linux
- NEW: Support for Ubuntu 14.10. Note that if you are using VNC Server in Virtual Mode, you will need to change the default desktop environment.
- FIXED: VNC Server in Virtual Mode no longer crashes on low-color depth displays when a session is shared and a second user connects.
Mac OS X
- NEW: Support for OS X 10.10 (Yosemite).
5.2.1
Windows
- FIXED: VNC Viewer should now start correctly in all circumstances.
- FIXED: Active Directory users and groups in different domains can now be registered with VNC Server using the Users & Permissions page of the Options dialog box.
- FIXED: The Minimize and Maximize buttons on the VNC Viewer shortcut (F8) menu now work correctly.
UNIX and Linux
- FIXED: The VNC Server status icon should now appear when you log on to the root user account on a host computer.
Mac OS X
- FIXED: Second and subsequent media keys (such as Volume Up or Mute) are now sent to VNC Server, and the equivalent physical keys on the keyboard attached to the host computer are no longer disabled.
5.2.0
All platforms
- NEW: VNC is available in French, German, and Spanish. The appropriate language for the desktop of each user is automatically selected. This can be changed (if required) using the Locale VNC parameter.
- VNC parameters that parse environment variables (such as LogDir) now resolve the syntax
$$ to a literal $, for example to accommodate such a character in a folder name.
- FIXED: The VNC Viewer chat interface no longer prevents a user account password being entered at the Login window or lock screen.
Windows
- Chat and file transfer are no longer separate applications but rather merged into the
vncserverui.exe program. To configure chat and file transfer using Group Policy, examine the VNC Server > mode > User Interface policy folder.
- FIXED: VNC applications can now be run from user accounts with a
$ character in the account name.
- FIXED: Active Directory groups with ‘universal’ scope can now be registered with VNC Server on the Users & Permissions page of the Options dialog, in addition to groups with ‘global’ and ‘domain local’ scope.
UNIX and Linux
- VNC Server in Service Mode (
vncserver-x11-serviced) and the VNC Server in Virtual Mode daemon (vncserver-virtuald) can now be started using systemctl on Linux distributions that support systemd, such as the latest Fedora.
- VNC Server now supports PAM session modules, and session actions in
pam_umask.so, pam_limits.so, pam_env.so, and pam_unix.so are automatically referenced in /etc/pam.d/vncserver (or equivalent file).
- Chat is no longer a separate application but rather merged into the
vncserverui program. To configure chat using policy, edit the vncserverui-<mode> policy template file.
- FIXED: VNC hosted on a network share no longer relies on the
cacerts.pem file.
Mac OS X
- NEW: VNC Server in Service Mode can lock the computer or start the screensaver when the last VNC Viewer user disconnects (not available under OS X 10.4).
VNC Chat.app no longer reads from the /Library/Preferences/com.realvnc.vncchat.plist file. To configure chat using policy, edit the vncserverui-<mode> policy template file.- FIXED: VNC Viewer no longer prevents media keys such as volume or brightness from affecting the client computer.
5.1.1
All platforms
- FIXED: An issue when setting the same port for VNC connections (RfbPort) and for VNC Viewer for Java downloads (HttpPort).
Windows
- Automatic update checks can now be controlled when installing VNC at the command line.
- FIXED: VNC Server no longer incorrectly reports that a standard license key is not valid for the current domain.
Mac OS X
- FIXED: Users can now connect if the display is asleep even if a password is required to wake the display.
5.1.0
| Released |
| 10 December 2013 |
All platforms
- NEW: VNC Server can check whether critical software patches, and product updates to which you are entitled, are available to download from the RealVNCweb site.
- NEW: VNC Server publishes a more-memorable catchphrase than the unique signature on which it is based, deterring man-in-the-middle attacks by making identity checks more intuitive for connecting users.
- NEW: VNC applications can be configured remotely, and locked down to prevent change, using policy. Policy template files are available to download for distribution to target computers using a suitable mechanism, for example Group Policy under Windows. (Enterprise only)
- NEW: Message boxes displayed when connections are unexpectedly terminated can now be suppressed using the HideCloseAlert VNC Viewer parameter, making scripting easier.
- The VNC Server Options dialog has been made easier to use, and highlights features locked down by policy. For both VNC Server and VNC Viewer, it also simplifies the process of creating debug log files to send to RealVNC Support.
- The new Permissions VNC Server parameter replaces
NtLogon_Config (Windows) and AllowedUsers and AllowedGroups (other platforms). Existing users, groups, and permissions are automatically upgraded. (Enterprise and Personal only)
- The
Permissions parameter now grants access to features in the following sets: f (full), d (default), v (view-only). (Enterprise and Personal only)
- The
Permissions parameter now supports explicitly denying permission to use a feature, as well as allowing and not allowing that feature. Deny cannot be overridden by individual members of a group. (Enterprise and Personal only)
- VNC Server logs are now directed to file at more appropriate locations, as determined by the new LogDir parameter.
- The VNC Server Information Center dialog now distinguishes between successful and unsuccessful connections on the Diagnostics page, which may give warning of a port sniffing or brute-force dictionary attack.
- All instances of VNC Server running on a computer can be reconfigured without downtime using the
vnclicense -reload command.
- Single sign-on authentication is now easier to set up and benefits from new documentation. (Enterprise only)
- VNC parameters are now fully documented.
- FIXED: Copying and pasting text from connected computers is now more reliable. See also the ServerClipboardGraceTime VNC Viewer parameter.
Windows
- NEW: Separate MSI installers for VNC Server and VNC Viewer are available for download for deployment to target computers in a Group Policy Object. VNC Server can also be licensed at install-time using a Group Policy transform.
- FIXED: Key combinations such as Alt+Tab are now supported for connections to Windows 8 computers. Note VNC Server must be installed to a secure location such as
C:\Program Files.
- FIXED: Second and subsequent monitors plugged-in to discrete graphics cards on Windows 8 computers are now remoted to connected users.
UNIX and Linux
- NEW: Support for Ubuntu 13.10, Debian 7 and Fedora 19.
- NEW: The RootSecurity VNC Server parameter protects the system credentials of connecting users from observation by a VNC Server owner who is not root.
- NEW: The VNC Server in Virtual Mode daemon (
vncserver-virtuald) supports single sign-on authentication. (Enterprise only)
- NEW: The VNC Server in Virtual Mode user interface can be hidden using the advanced
StartUI VNC Server parameter.
- NEW: VNC Server in Virtual Mode can clean up stale sockets and release display numbers using the
vncserver-virtual -cleancommand.
- VNC Server no longer automatically authenticates users with locked or expired accounts. (Enterprise only)
- VNC Server in Virtual Mode now creates a virtual desktop with a default color depth of 24 (32 bits-per-pixel).
- The Permissions VNC Server parameter now accepts the ID of a group as well as its name. (Enterprise and Personal only)
- Under AIX, PAM can be substituted for LAM more easily using the new UsePam VNC Server parameter.
- The
vnclicense utility can manage license keys in locations other than the default /etc/vnc using the new LicenseDir parameter. This is especially useful when installing on a network share.
- The man pages have been rewritten.
Mac OS X
- VNC Server no longer automatically authenticates users with locked or expired accounts. (Enterprise only)
- VNC Server now checks groups other than the primary Active Directory group to ascertain whether connecting users are eligible to authenticate. (Enterprise and Personal only)
- The
vnclicense utility can manage license keys in locations other than the default /etc/vnc using the new LicenseDir parameter.
5.0.7
| Released |
| 19 December 2013 |
UNIX and Linux
- FIXED: Local users can no longer execute arbitrary code as root by passing a maliciously crafted argument to the VNC Server in User Mode (
vncserver-x11) or Virtual Mode (Xvnc) setuid-root helpers. Note this issue only affected 5.0.6. See CVE-2013-6886.
Mac OS X
- FIXED: Local users can no longer execute arbitrary code as root by passing a maliciously crafted argument to the VNC Server in User Mode (
vncserver) setuid-root helper. Note this issue only affected 5.0.6. See CVE-2013-6886.
5.0.6
Windows
- NEW: Support for Windows 8.1.
- NEW: The AutoLogonOverride VNC Server parameter enables connected users to hold down the Shift key while logging off in order to prevent the same user account being automatically logged back on.
Mac OS X
- NEW: Support for 10.9 (Mavericks).
5.0.5
All platforms
- FIXED: The VNC Server - File Transfer dialog now always appears.
- The BlacklistTimeout VNC Server parameter now accepts a number of seconds between 1 and 2147483647.
UNIX and Linux
- Improvements to CUPS printing backend.
Mac OS X
- Improvements to CUPS printing backend.
5.0.4
All platforms
- FIXED: Text can now be copied and pasted in either direction if the connection was originally made to a computer at the login screen (that is, not yet logged on to a particular user account).
5.0.3
All platforms
- NEW: The mouse cursor snaps to a corner of the host computer’s desktop if it exits the VNC Viewer window within a certain distance of a corner (configurable via the PointerCornerSnapThreshold parameter), making it easier to trigger hotspots under the latest operating systems (particularly Windows 8 and Mac OS X 10.8).
Windows
- Improved support for Windows 8.
- Under Windows 8, connection notification messages are now displayed on the Start screen as well as in the Desktop app.
- Under Windows 8, Desktop Duplication replaces VNC Mirror Driver as the optimal screen capture mechanism in most circumstances.
- VNC authentication passwords are now created using the
vncpasswd utility, rather than specified using multiple parameters.
- FIXED: If connection notifications are disabled, messages are no longer shown when subsequently logging on to an account on the host computer.
- FIXED: Multiple and collated copies of documents can now be printed to local printers.
- FIXED: VNC Server no longer monitors the host computer’s clipboard so frequently, minimizing clashes with applications such as Excel.
- FIXED: VNC Server no longer displays erroneous 10061 error messages when starting up on slow computers.
UNIX and Linux
- The VNC Server in Virtual Mode daemon (
vncserver-virtuald) now respects the BlacklistThreshold and BlacklistTimeout parameters in order to prevent denial-of-service attacks.
5.0.2
Windows
- FIXED: VNC Server in Service Mode no longer reports error 10038 (SetBlocking) when run in conjunction with certain third party software.
Mac OS X
- NEW: Support for 10.8 (Mountain Lion). VNC is a signed (that is, legitimate) application for download from the Internet.
- NEW: Support for Mac Book Pro computers with Retina displays.
- FIXED: Connections can now be established to a computer whose display is asleep (lower of the two sliders in the System Preferences > Energy Saver pane). Note connections cannot be established if the computer itself is asleep.
5.0.1
Windows
- FIXED: RDP connections to 32-bit XP computers now succeed when VNC Server is running in Service Mode. Note that VNC Viewer users who subsequently connect must request control, since VNC and RDP connections cannot co-exist; the RDP user may or may not grant control requests.
Mac OS X
- FIXED: VNC now installs on case-sensitive HSFX file systems.
- FIXED: Multiple monitors attached to 10.6 (Snow Leopard) computers are now displayed correctly.
- FIXED: The graphical Licensing Wizard can now always be used to license VNC Server.
5.0.0
All platforms
- NEW: VNC Server providing basic remote control freely available across all supported platforms.
- NEW: VNC Server containing premium security and performance features available for use across all supported UNIX/Linux and Mac OS X platforms.
- NEW: Apply a license key at any time to unlock premium features without installing software.
- NEW: The same license key can be applied on any platform, simplifying mixed deployments.
- NEW: Grace period of seven days in which to license VNC Server permanently after trial, or if an existing license key has expired.
- NEW: VNC Server user interface with improved access to diagnostic and troubleshooting information, and a licensing and repair wizard.
- NEW: VNC Viewer can automatically reconnect in certain circumstances, for example when a host computer user logs or switches out.
- NEW: VNC Viewer explicitly warns about unencrypted connections.
- NEW: VNC Viewer can connect via SOCKS/HTTP proxy servers that require BASIC authentication.
Windows
- NEW: Support for Windows 8 Release Preview.
- The VNC Server executable has been renamed from
winvnc4.exe to vncserver.exe.
- VNC Server in Service Mode no longer automatically restarts if it was explicitly stopped before a computer is rebooted.
- VNC Server in Service Mode need no longer be pre-registered before it is started at the command line.
- VNC Server no longer requires a separate
vncconfig utility in order to permit configuration.
Mac OS X
- NEW: Support for Mac OS X 10.7 (Lion) Server.
- The VNC Server binary has been renamed from
macvnc to vncserver.
- VNC Server configuration files are now located in
~/.vnc/config.d (User Mode) and ~/var/root/config.d (Service Mode) directories, rather than settings in prefs files.
- VNC authentication passwords are now stored in standard configuration rather than in separate password files.
- RSA public/private key pairs can now be generated by a single command rather than a separate
vnckeygen utility.
- Single-sign on authentication is now implemented using a symbolic link rather than the
SSOLib VNC parameter.
UNIX and Linux
- NEW: Support for Ubuntu 11.04+, Debian 6, RHEL/CentOS 6, Fedora 14+, and Solaris 11.
- NEW: VNC Server in Service Mode re-implemented and available across all supported platforms.
- The VNC Server in User Mode binary has been renamed from
x0vncserver to vncserver-x11.
- The VNC Server in Virtual Mode binary has been renamed from
vncserver to vncserver-virtual (note vncserver is now a symbolic link).
- VNC Server no longer requires a separate
vncconfig utility in order to permit configuration and operations such as file transfer and copy and paste text.
- VNC authentication passwords are now stored in standard configuration rather than in separate password files.
- RSA public/private key pairs can now be generated by a single command rather than a separate
vnckeygen utility.
- Single-sign on authentication is now implemented using a symbolic link rather than the
SSOLib VNC parameter.
Comments
Article is closed for comments.