libvncserver 0.9.11+dfsg-1.2 source package in Ubuntu
Changelog
libvncserver (0.9.11+dfsg-1.2) unstable; urgency=high
* Non-maintainer upload.
* Fix multiple security vulnerabilities (Closes: #916941)
- Use-after-free in file transfer extension allows for potential
code execution (CVE-2018-15126)
- Heap out-of-bounds write in
rfbserver.c:rfbProcessFileTransferReadBuffer() allows for
potential code execution (CVE-2018-15127)
- Multiple heap out-of-bound writes in VNC client code
(CVE-2018-20019)
- Heap out-of-bound write inside structure in VNC client code allows
for potential code execution (CVE-2018-20020)
- Infinite loop in VNC client code allows for denial of service
(CVE-2018-20021)
- Improper initialization in VNC client code allows for information
disclosure (CVE-2018-20022)
- Improper initialization in VNC Repeater client code allows for
information disclosure (CVE-2018-20023)
- NULL pointer dereference in VNC client code allows for denial of
service (CVE-2018-20024)
- Use-after-free in file transfer extension server code allows for
potential code execution (CVE-2018-6307)
* Update symbols file for libvncserver1.
The fix for CVE-2018-15126 removes CloseUndoneFileTransfer and
introduces new CloseUndoneFileDownload and CloseUndoneFileUpload.
-- Salvatore Bonaccorso <email address hidden> Wed, 02 Jan 2019 16:26:53 +0100
Upload details
- Uploaded by:
- Peter Spiess-Knafl
- Uploaded to:
- Sid
- Original maintainer:
- Peter Spiess-Knafl
- Architectures:
- any
- Section:
- x11
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libvncserver_0.9.11+dfsg-1.2.dsc | 2.5 KiB | cbd1a4cd125472bb4290e923585a2a4f089bd449337066ccca587a7913f19fd6 |
| libvncserver_0.9.11+dfsg.orig.tar.gz | 513.4 KiB | ea27be2b923cc5e89fb2d93415fdc2373c90cdd2379cf9c671fa234482c69509 |
| libvncserver_0.9.11+dfsg-1.2.debian.tar.xz | 18.7 KiB | 18305a97f5985650e3da106374342a021cff20af15d370db068e2b67e086bf79 |
Available diffs
No changes file available.
Binary packages built by this source
- libvncclient1: No summary available for libvncclient1 in ubuntu disco.
No description available for libvncclient1 in ubuntu disco.
- libvncclient1-dbg: No summary available for libvncclient1-dbg in ubuntu disco.
No description available for libvncclient1-dbg in ubuntu disco.
- libvncserver-config: No summary available for libvncserver-config in ubuntu disco.
No description available for libvncserver-config in ubuntu disco.
- libvncserver-dev: No summary available for libvncserver-dev in ubuntu disco.
No description available for libvncserver-dev in ubuntu disco.
- libvncserver1: No summary available for libvncserver1 in ubuntu disco.
No description available for libvncserver1 in ubuntu disco.
- libvncserver1-dbg: No summary available for libvncserver1-dbg in ubuntu disco.
No description available for libvncserver1-dbg in ubuntu disco.
