Your message dated Thu, 30 Jan 2020 21:17:47 +0000
with message-id <[email protected]>
and subject line Bug#947428: fixed in tigervnc 1.7.0+dfsg-7+deb9u1
has caused the Debian Bug report #947428,
regarding tigervnc: CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
947428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947428
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: tigervnc
Version: 1.9.0+dfsg-4
Severity: grave
Tags: security upstream
Control: found -1 1.9.0+dfsg-3
Hi,
The following vulnerabilities were published for tigervnc.
CVE-2019-15691[0]:
| TigerVNC versions prior to 1.10.1 are vulnerable to a stack use-after-
| return, which occurs due to incorrect usage of stack memory in
| ZRLEDecoder. If the decoding routine throws an exception, ZRLEDecoder
| may try to access a stack variable which has already been freed during
| the process of stack unwinding. Exploitation of this vulnerability
| could potentially result in remote code execution. This attack
| appears to be exploitable via network connectivity.
CVE-2019-15692[1]:
| TigerVNC versions prior to 1.10.1 are vulnerable to a heap buffer
| overflow. The vulnerability can be triggered from CopyRectDecoder due to
| incorrect value checks. Exploitation of this vulnerability could
| potentially result in remote code execution. This attack appears to
| be exploitable via network connectivity.
CVE-2019-15693[2]:
| TigerVNC versions prior to 1.10.1 are vulnerable to a heap buffer
| overflow, which occurs in TightDecoder::FilterGradient. Exploitation
| of this vulnerability could potentially result in remote code
| execution. This attack appears to be exploitable via network
| connectivity.
CVE-2019-15694[3]:
| TigerVNC versions prior to 1.10.1 are vulnerable to a heap buffer
| overflow, which can be triggered from DecodeManager::decodeRect.
| The vulnerability occurs due to a signedness error in processing
| MemOutStream. Exploitation of this vulnerability could potentially
| result in remote code execution. This attack appears to be
| exploitable via network connectivity.
CVE-2019-15695[4]:
| TigerVNC versions prior to 1.10.1 are vulnerable to a stack buffer
| overflow, which can be triggered from CMsgReader::readSetCursor.
| This vulnerability occurs due to insufficient sanitization of
| PixelFormat. Since a remote attacker can choose the offset from the start
| of the buffer at which to start writing their values, exploitation of this
| vulnerability could potentially result in remote code execution. This
| attack appears to be exploitable via network connectivity.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-15691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15691
[1] https://security-tracker.debian.org/tracker/CVE-2019-15692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15692
[2] https://security-tracker.debian.org/tracker/CVE-2019-15693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15693
[3] https://security-tracker.debian.org/tracker/CVE-2019-15694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15694
[4] https://security-tracker.debian.org/tracker/CVE-2019-15695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15695
Please adjust the affected versions in the BTS as needed.
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.3.0-3-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
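The "signedness error in processing MemOutStream" cited for CVE-2019-15694 is an instance of a general bug class: a length arrives from the network as a signed integer, is bounds-checked with a signed comparison (so a negative value looks "small enough"), and is then passed to a copy routine that takes an unsigned size. The following is an added illustration of that class and of the check that closes it; it is not TigerVNC's code, and the names ToyOutStream, writeRecord, feed and the record layout ([int32 length][payload]) are hypothetical. The faulty comparison is kept only as a boolean so the pattern is visible without ever driving a copy.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Toy fixed-capacity output buffer. Hypothetical; not TigerVNC's MemOutStream.
struct ToyOutStream {
    std::vector<uint8_t> buf;
    size_t pos = 0;
    explicit ToyOutStream(size_t cap) : buf(cap) {}
    size_t avail() const { return buf.size() - pos; }
};

enum class Verdict { Ok, BadLength, Truncated };

struct FeedResult {
    Verdict verdict;
    size_t written;   // bytes actually copied into the stream
};

// Big-endian signed 32-bit read, the way many wire protocols encode lengths.
static int32_t readS32(const uint8_t* p) {
    uint32_t u = (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) |
                 (uint32_t(p[2]) << 8) | uint32_t(p[3]);
    return static_cast<int32_t>(u);
}

// Shape of the signedness bug: both operands are signed, so a negative length
// compares as "fits". A later memcpy(dst, src, len) would convert that negative
// value to a huge size_t. Returned as a bool here; never used to drive a copy.
static bool buggyAccepts(int32_t len, int avail) {
    return len <= avail;
}

// Hardened check: reject negatives explicitly, then compare as unsigned against
// the space that is really left. Both conditions are needed.
static bool hardenedAccepts(int32_t len, size_t avail) {
    return len >= 0 && static_cast<size_t>(len) <= avail;
}

// Parses one [int32 len][len bytes] record and appends the payload to the stream.
static Verdict writeRecord(ToyOutStream& s, const uint8_t* msg, size_t msgLen) {
    if (msgLen < 4) return Verdict::Truncated;
    int32_t len = readS32(msg);
    if (!hardenedAccepts(len, s.avail())) return Verdict::BadLength;
    size_t n = static_cast<size_t>(len);
    if (n > msgLen - 4) return Verdict::Truncated;   // payload shorter than claimed
    std::memcpy(s.buf.data() + s.pos, msg + 4, n);
    s.pos += n;
    return Verdict::Ok;
}

// Fresh stream of the given capacity, one record fed in; reports verdict and bytes written.
static FeedResult feed(const std::vector<uint8_t>& msg, size_t cap) {
    ToyOutStream s(cap);
    Verdict v = writeRecord(s, msg.data(), msg.size());
    return {v, s.pos};
}

// Constructed sample records (not captured traffic).
static const std::vector<uint8_t> kGoodMsg  = {0, 0, 0, 4, 'a', 'b', 'c', 'd'};
static const std::vector<uint8_t> kNegMsg   = {0xFF, 0xFF, 0xFF, 0xF0, 'a', 'b', 'c', 'd'}; // len = -16
static const std::vector<uint8_t> kShortMsg = {0, 0, 0, 10, 'a', 'b', 'c', 'd'};           // claims 10, carries 4

static const char* name(Verdict v) {
    switch (v) {
        case Verdict::Ok:        return "Ok";
        case Verdict::BadLength: return "BadLength";
        default:                 return "Truncated";
    }
}

int main() {
    std::printf("signed-only check accepts len=-16 with avail=64: %s\n",
                buggyAccepts(-16, 64) ? "yes (bug)" : "no");
    std::printf("hardened check accepts len=-16 with avail=64:    %s\n",
                hardenedAccepts(-16, 64) ? "yes" : "no");
    for (const auto* m : {&kGoodMsg, &kNegMsg, &kShortMsg}) {
        FeedResult r = feed(*m, 64);
        std::printf("record -> %s, %zu bytes written\n", name(r.verdict), r.written);
    }
    return 0;
}
```

The two conditions in hardenedAccepts are deliberately separate: the `len >= 0` test is what the signed-only comparison lacks, and the unsigned comparison against `avail()` is what prevents a positive but oversized length from running past the buffer. The second check in writeRecord (claimed length versus bytes actually present in the message) catches the mirror-image problem of a record that promises more payload than was received.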
--- Begin Message ---
Source: tigervnc
Source-Version: 1.7.0+dfsg-7+deb9u1
We believe that the bug you reported is fixed in the latest version of
tigervnc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joachim Falk <[email protected]> (supplier of updated tigervnc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 18 Jan 2020 19:30:42 +0100
Source: tigervnc
Architecture: source
Version: 1.7.0+dfsg-7+deb9u1
Distribution: stretch
Urgency: high
Maintainer: TigerVNC Packaging Team <[email protected]>
Changed-By: Joachim Falk <[email protected]>
Closes: 947428
Changes:
tigervnc (1.7.0+dfsg-7+deb9u1) stretch; urgency=high
.
[ Joachim Falk ]
* Fix CVE-2019-15691, CVE-2019-15692, CVE-2019-15693, CVE-2019-15694, and
CVE-2019-15695 (Closes: #947428)
Checksums-Sha1:
c223923eb7c61b83b6c6d9351f86053038fd75b3 4695 tigervnc_1.7.0+dfsg-7+deb9u1.dsc
12cd86855e4fb0f5293538b597e2cf48285361cf 68768 tigervnc_1.7.0+dfsg-7+deb9u1.debian.tar.xz
2c6a4a615ccd96439dd97af5254a20ac32df611a 6962 tigervnc_1.7.0+dfsg-7+deb9u1_source.buildinfo
Checksums-Sha256:
e91eb528ae0f59140df73273ca9a177d427cb9f2766a82a77bf02a3de484b304 4695 tigervnc_1.7.0+dfsg-7+deb9u1.dsc
2846008fbda2419b7cbda92da80ffd5e06e14b0a3ce5ed50e2999941ac6fa114 68768 tigervnc_1.7.0+dfsg-7+deb9u1.debian.tar.xz
ad4edd5d1f8b145ef5b908f9fd72ee8eb6ef02809560d8beb55620f59ab7eeff 6962 tigervnc_1.7.0+dfsg-7+deb9u1_source.buildinfo
Files:
d84eb909fd025c3b6489a0489038e03b 4695 x11 optional tigervnc_1.7.0+dfsg-7+deb9u1.dsc
69f59df805a501e71070bdb4b4a23cdb 68768 x11 optional tigervnc_1.7.0+dfsg-7+deb9u1.debian.tar.xz
12bc0a993285436ab5153995434d3e9c 6962 x11 optional tigervnc_1.7.0+dfsg-7+deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJIBAEBCAAyFiEEd0JxOxv4oYU15116MFSGLSVGoYAFAl4p00UUHGpvYWNoaW0u
ZmFsa0BnbXguZGUACgkQMFSGLSVGoYBFwxAAoYoRpwZ/ND1AarC4WLgLm6w8N66f
dhtgXn1WrWlPcEfOMvRLfQ2UTQO7TQvrYv1KlY8DsvBAbd+I/Y80Xg05Oa2bmguv
Ht/G9K/59A0grptpn/4smctBw5Y4IUu90fCCkJVVqAB1+iIFi/7vVcV3PaLmcwP7
gatDO8W68x0Fs8QkHjMvbnMr525s9yURhjvbWOoSj9P81f2jn8QyhLBhfRZ01F+H
Dj0/U/GGwVHfiOQgBloPFzB5g/0Wx/uqTFtBelicrWhoRRVhngHeyHiy9XLrpdhQ
rlqg6R7wgMPYujrZmkov+VdwNK0cIA6NUYXhVPn/8EMusmohoB85QMyRq+Mp8nR3
7OzBRiv7x1ENerSSVup4SB5sAU62++zg3OtsJjSBL/d9WB3QjEwfrQQJ5v7XLitl
2APrVseOgezSR4CBtutkGmplC5fssu4ltV8kbfTBN6xiGyTjQ5H40/cSPQ1QXLAv
Rvb2csGy4edmsXrry8FayrbVw6WEoTGcIxfKKuJCGyTWHnYnHstRUY8IN8OUoMoA
xq3gfCc8+wop05vKxsND0J+N2r0Gf9j/kM/0aJu/INiJ/BqOWuNQqlzy15wbOqFz
ifLBZgCuFnk6Rf2dxZ8wcF1rgTJV3RUO6x/JLv6IqB/W+2+WArc2NAHMmPiB7mng
aWn1KV+TE3z5+o0=
=9p95
-----END PGP SIGNATURE-----
--- End Message ---