Your message dated Fri, 29 May 2026 16:18:46 +0000
with message-id <[email protected]>
and subject line Bug#1138174: fixed in libvncserver 0.9.15+dfsg-5
has caused the Debian Bug report #1138174,
regarding libvncserver: CVE-2026-44988
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1138174: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138174
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libvncserver
Version: 0.9.15+dfsg-4
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for libvncserver.
CVE-2026-44988[0]:
| LibVNCClient is a library for easy implementation of a VNC client.
| In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses
| fixed-size 2048-pixel scratch buffers for the Gradient filter, but
| it does not reject Tight rectangles whose width is larger than 2048
| pixels. A malicious VNC server can send a crafted FramebufferUpdate
| rectangle using Tight encoding with NoZlib | ExplicitFilter and the
| Gradient filter. When a LibVNCClient-based client connects, the
| client processes the server-controlled rectangle width and writes
| beyond fixed-size Gradient buffers. This vulnerability is fixed with
| commit 5b270544b85233668b98161323297d418a8f5fd1.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-44988
https://www.cve.org/CVERecord?id=CVE-2026-44988
[1] https://github.com/LibVNC/libvncserver/security/advisories/GHSA-jcc5-8wj4-7c58
[2] https://github.com/LibVNC/libvncserver/commit/5b270544b85233668b98161323297d418a8f5fd1
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: libvncserver
Source-Version: 0.9.15+dfsg-5
Done: Sven Geuer <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libvncserver, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sven Geuer <[email protected]> (supplier of updated libvncserver package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 29 May 2026 17:36:13 +0200
Source: libvncserver
Architecture: source
Version: 0.9.15+dfsg-5
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <[email protected]>
Changed-By: Sven Geuer <[email protected]>
Closes: 1138174
Changes:
 libvncserver (0.9.15+dfsg-5) unstable; urgency=medium
 .
   * Team upload.
   * debian/patches:
     + CVE-2026-44988: Add 0003_CVE-2026-44988.patch fixing Tight gradient
       decoding overflow (Closes: #1138174).
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---
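
The missing check described in the CVE-2026-44988 text, as an added example: this is not LibVNCClient code and not the upstream patch. The struct, function names and the RGB888 pixel layout are assumptions for illustration; only the 2048-pixel scratch capacity comes from the advisory text.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_GRADIENT_WIDTH 2048   /* scratch capacity in pixels, per the advisory */

/* Hypothetical decoder state: the previously decoded row of RGB pixels. */
struct gradient_state {
    uint8_t prev_row[MAX_GRADIENT_WIDTH * 3];
};

/* Validate the server-supplied rectangle before the scratch buffer is used.
 * Call once per rectangle. Returns 0 if usable, -1 to reject it. */
int gradient_begin(struct gradient_state *st, uint32_t rect_w, uint32_t rect_h)
{
    if (rect_w == 0 || rect_h == 0 || rect_w > MAX_GRADIENT_WIDTH)
        return -1;                /* a wider row would overrun prev_row */
    memset(st->prev_row, 0, (size_t)rect_w * 3);
    return 0;
}

static uint8_t clamp8(int v) { return v < 0 ? 0 : v > 255 ? 255 : (uint8_t)v; }

/* Decode one row of gradient-filtered RGB888 deltas from src into dst.
 * Per channel the prediction is left + above - above_left, clamped to 0..255. */
int gradient_row(struct gradient_state *st, const uint8_t *src, size_t src_len,
                 uint8_t *dst, size_t dst_len, uint32_t rect_w)
{
    size_t need = (size_t)rect_w * 3;
    if (rect_w == 0 || rect_w > MAX_GRADIENT_WIDTH || src_len < need || dst_len < need)
        return -1;                /* re-check here: do not rely on the caller */
    uint8_t left[3] = {0, 0, 0}, up_left[3] = {0, 0, 0};
    for (uint32_t x = 0; x < rect_w; x++) {
        for (int c = 0; c < 3; c++) {
            uint8_t up = st->prev_row[x * 3 + c];
            uint8_t px = (uint8_t)(src[x * 3 + c] + clamp8(left[c] + up - up_left[c]));
            dst[x * 3 + c] = px;
            up_left[c] = up;
            left[c] = px;
        }
    }
    memcpy(st->prev_row, dst, need);   /* becomes "above" for the next row */
    return 0;
}
```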