libvncserver 0.9.11+dfsg-1.2 source package in Ubuntu
Changelog
libvncserver (0.9.11+dfsg-1.2) unstable; urgency=high * Non-maintainer upload. * Fix multiple security vulnerabilities (Closes: #916941) - Use-after-free in file transfer extension allows for potential code execution (CVE-2018-15126) - Heap out-of-bounds write in rfbserver.c:rfbProcessFileTransferReadBuffer() allows for potential code execution (CVE-2018-15127) - Multiple heap out-of-bound writes in VNC client code (CVE-2018-20019) - Heap out-of-bound write inside structure in VNC client code allows for potential code execution (CVE-2018-20020) - Infinite loop in VNC client code allows for denial of service (CVE-2018-20021) - Improper initialization in VNC client code allows for information disclosure (CVE-2018-20022) - Improper initialization in VNC Repeater client code allows for information disclosure (CVE-2018-20023) - NULL pointer dereference in VNC client code allows for denial of service (CVE-2018-20024) - Use-after-free in file transfer extension server code allows for potential code execution (CVE-2018-6307) * Update symbols file for libvncserver1. The fix for CVE-2018-15126 removes CloseUndoneFileTransfer and introduces new CloseUndoneFileDownload and CloseUndoneFileUpload. -- Salvatore Bonaccorso <email address hidden> Wed, 02 Jan 2019 16:26:53 +0100
Upload details
- Uploaded by:
- Peter Spiess-Knafl
- Uploaded to:
- Sid
- Original maintainer:
- Peter Spiess-Knafl
- Architectures:
- any
- Section:
- x11
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libvncserver_0.9.11+dfsg-1.2.dsc | 2.5 KiB | cbd1a4cd125472bb4290e923585a2a4f089bd449337066ccca587a7913f19fd6 |
libvncserver_0.9.11+dfsg.orig.tar.gz | 513.4 KiB | ea27be2b923cc5e89fb2d93415fdc2373c90cdd2379cf9c671fa234482c69509 |
libvncserver_0.9.11+dfsg-1.2.debian.tar.xz | 18.7 KiB | 18305a97f5985650e3da106374342a021cff20af15d370db068e2b67e086bf79 |
Available diffs
No changes file available.
Binary packages built by this source
- libvncclient1: No summary available for libvncclient1 in ubuntu disco.
No description available for libvncclient1 in ubuntu disco.
- libvncclient1-dbg: No summary available for libvncclient1-dbg in ubuntu disco.
No description available for libvncclient1-dbg in ubuntu disco.
- libvncserver-config: No summary available for libvncserver-config in ubuntu disco.
No description available for libvncserver-config in ubuntu disco.
- libvncserver-dev: No summary available for libvncserver-dev in ubuntu disco.
No description available for libvncserver-dev in ubuntu disco.
- libvncserver1: No summary available for libvncserver1 in ubuntu disco.
No description available for libvncserver1 in ubuntu disco.
- libvncserver1-dbg: No summary available for libvncserver1-dbg in ubuntu disco.
No description available for libvncserver1-dbg in ubuntu disco.