Package: release.debian.org Severity: normal Tags: buster User: release.debian....@packages.debian.org Usertags: pu
Hi, Sorry, no bug associated here, was confused how to subject the mail. Guidance for the future would be appreciated. I would like to do an NMU for CVE-2020-25708[1]. This seems to have been waiting a while and is fixed already in bullseye/sid and stretch. Because of this I feel it can just go into the next point release if approved. This update has been done during and part of this weekends bsp-2021-04-at-salzburg. Note: I am not a DM or DD and this will require a sponsor to upload if approved. [1] https://security-tracker.debian.org/tracker/CVE-2020-25708 Regards Phil -- *** Playing the game for the games own sake. *** WWW: https://kathenas.org Twitter: @kathenasorg Instagram: @kathenasorg IRC: kathenas GPG: 724AA9B52F024C8B
diff -Nru libvncserver-0.9.11+dfsg/debian/changelog libvncserver-0.9.11+dfsg/debian/changelog --- libvncserver-0.9.11+dfsg/debian/changelog 2020-08-28 22:40:37.000000000 +0100 +++ libvncserver-0.9.11+dfsg/debian/changelog 2021-04-25 17:01:53.000000000 +0100 @@ -1,3 +1,10 @@ +libvncserver (0.9.11+dfsg-1.3+deb10u5) buster; urgency=medium + + * Non-maintainer upload. + * CVE-2020-25708: libvncserver: fix possible divide-by-zero. + + -- Phil Wyett <philip.wy...@kathenas.org> Sun, 25 Apr 2021 17:01:53 +0100 + libvncserver (0.9.11+dfsg-1.3+deb10u4) buster; urgency=medium * CVE-2019-20839: libvncclient: bail out if unix socket name would overflow. diff -Nru libvncserver-0.9.11+dfsg/debian/patches/CVE-2020-25708.patch libvncserver-0.9.11+dfsg/debian/patches/CVE-2020-25708.patch --- libvncserver-0.9.11+dfsg/debian/patches/CVE-2020-25708.patch 1970-01-01 01:00:00.000000000 +0100 +++ libvncserver-0.9.11+dfsg/debian/patches/CVE-2020-25708.patch 2021-04-25 17:01:53.000000000 +0100 @@ -0,0 +1,14 @@ +Index: libvncserver-0.9.11+dfsg/libvncserver/rfbserver.c +=================================================================== +--- libvncserver-0.9.11+dfsg.orig/libvncserver/rfbserver.c ++++ libvncserver-0.9.11+dfsg/libvncserver/rfbserver.c +@@ -3294,6 +3294,9 @@ rfbSendRectEncodingRaw(rfbClientPtr cl, + char *fbptr = (cl->scaledScreen->frameBuffer + (cl->scaledScreen->paddedWidthInBytes * y) + + (x * (cl->scaledScreen->bitsPerPixel / 8))); + ++ if(!h || !w) ++ return TRUE; /* nothing to send */ ++ + /* Flush the buffer to guarantee correct alignment for translateFn(). */ + if (cl->ublen > 0) { + if (!rfbSendUpdateBuf(cl)) diff -Nru libvncserver-0.9.11+dfsg/debian/patches/series libvncserver-0.9.11+dfsg/debian/patches/series --- libvncserver-0.9.11+dfsg/debian/patches/series 2020-08-28 22:40:19.000000000 +0100 +++ libvncserver-0.9.11+dfsg/debian/patches/series 2021-04-25 17:01:53.000000000 +0100 @@ -37,3 +37,4 @@ CVE-2020-14401.patch CVE-2020-14402+14403+14404.patch CVE-2020-14405.patch +CVE-2020-25708.patch
signature.asc
Description: This is a digitally signed message part