These are all security issues fixed in the LibVNCServer-devel-0.9.13-4.1 package on the GA media of openSUSE Tumbleweed.