Your message dated Thu, 30 Jan 2020 20:36:55 +0000
with message-id <[email protected]>
and subject line Bug#947428: fixed in tigervnc 1.9.0+dfsg-3+deb10u1
has caused the Debian Bug report #947428,
regarding tigervnc: CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
947428: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947428
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: tigervnc
Version: 1.9.0+dfsg-4
Severity: grave
Tags: security upstream
Control: found -1 1.9.0+dfsg-3
Hi,
The following vulnerabilities were published for tigervnc.
CVE-2019-15691[0]:
| TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-
| return, which occurs due to incorrect usage of stack memory in
| ZRLEDecoder. If the decoding routine throws an exception, ZRLEDecoder
| may try to access a stack variable which has already been freed during
| the process of stack unwinding. Exploitation of this vulnerability
| could potentially result in remote code execution. This attack
| appears to be exploitable via network connectivity.
CVE-2019-15692[1]:
| TigerVNC version prior to 1.10.1 is vulnerable to heap buffer
| overflow. The vulnerability could be triggered from CopyRectDecoder due to
| incorrect value checks. Exploitation of this vulnerability could
| potentially result in remote code execution. This attack appears to
| be exploitable via network connectivity.
CVE-2019-15693[2]:
| TigerVNC version prior to 1.10.1 is vulnerable to heap buffer
| overflow, which occurs in TightDecoder::FilterGradient. Exploitation
| of this vulnerability could potentially result in remote code
| execution. This attack appears to be exploitable via network
| connectivity.
CVE-2019-15694[3]:
| TigerVNC version prior to 1.10.1 is vulnerable to heap buffer
| overflow, which could be triggered from DecodeManager::decodeRect.
| The vulnerability occurs due to a signedness error in processing
| MemOutStream. Exploitation of this vulnerability could potentially
| result in remote code execution. This attack appears to be
| exploitable via network connectivity.
CVE-2019-15695[4]:
| TigerVNC version prior to 1.10.1 is vulnerable to stack buffer
| overflow, which could be triggered from CMsgReader::readSetCursor.
| This vulnerability occurs due to insufficient sanitization of
| PixelFormat. Since a remote attacker can choose the offset from the start
| of the buffer at which to start writing their values, exploitation of this
| vulnerability could potentially result in remote code execution. This
| attack appears to be exploitable via network connectivity.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2019-15691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15691
[1] https://security-tracker.debian.org/tracker/CVE-2019-15692
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15692
[2] https://security-tracker.debian.org/tracker/CVE-2019-15693
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15693
[3] https://security-tracker.debian.org/tracker/CVE-2019-15694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15694
[4] https://security-tracker.debian.org/tracker/CVE-2019-15695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15695
Please adjust the affected versions in the BTS as needed.
-- System Information:
Debian Release: bullseye/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 5.3.0-3-amd64 (SMP w/2 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
--- End Message ---
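CVE-2019-15694 above is described as a signedness error in a length check around an in-memory output stream. The following is an added illustration of that bug class in C, written for this page; it is not TigerVNC code and does not reproduce any of the fixed functions. The `mem_stream`, `weak_accepts` and `safe_append` names are hypothetical. It shows a bounds check that accepts a negative length because of the usual arithmetic conversions, next to a hardened check that rejects negative values before any arithmetic and compares against the remaining room instead of a sum that can wrap.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CAP 64  /* fixed capacity of the constructed in-memory stream */

/* Hypothetical in-memory output stream, loosely modelled on the kind of
 * buffer the advisory mentions (MemOutStream). Not TigerVNC's type. */
typedef struct {
    unsigned char data[CAP];
    size_t used;            /* invariant: used <= CAP */
} mem_stream;

/* Weak length check (illustrative only). `len` is a signed length read
 * from an untrusted message. In `used + len` the int is converted to
 * size_t, so a negative `len` becomes a huge unsigned value and the sum
 * wraps to something small; the "fits in buffer" test then passes.
 * Returns 1 if the check would accept the write, 0 if it rejects it.
 * It never performs a write, so calling it is harmless. */
static int weak_accepts(size_t used, int len) {
    if (used + len > CAP)
        return 0;
    return 1;
}

/* Hardened append: reject negative lengths before any arithmetic, then
 * compare against the remaining room (CAP - used, never negative because
 * of the invariant) rather than forming a sum that might overflow.
 * Returns 0 on success, -1 if the write was rejected. */
static int safe_append(mem_stream *s, const unsigned char *src, int len) {
    if (len < 0)
        return -1;                    /* signedness: refuse before converting */
    size_t n = (size_t)len;
    if (n > CAP - s->used)
        return -1;                    /* would run past the end of data[] */
    memcpy(s->data + s->used, src, n);
    s->used += n;
    return 0;
}

/* Constructed demonstration: the same negative length against both checks. */
int main(void) {
    unsigned char payload[16];
    memset(payload, 0x41, sizeof payload);   /* constructed sample bytes */
    mem_stream s = { {0}, 0 };

    printf("weak check accepts len=-1:   %d\n", weak_accepts(10, -1));
    printf("safe_append with len=-1:     %d\n", safe_append(&s, payload, -1));
    printf("safe_append with len=16:     %d (used=%zu)\n",
           safe_append(&s, payload, 16), s.used);
    printf("safe_append with len=49:     %d (used=%zu)\n",
           safe_append(&s, payload, 49), s.used);
    return 0;
}
```

The point of the hardened variant is the order of checks: the sign test happens while `len` is still an `int`, and the capacity test is phrased as `n > CAP - used`, which cannot overflow while the invariant `used <= CAP` holds. A detection-side corollary is that decoders taking lengths from the wire should be reviewed for any `used + len` style comparison where `len` is signed.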
--- Begin Message ---
Source: tigervnc
Source-Version: 1.9.0+dfsg-3+deb10u1
We believe that the bug you reported is fixed in the latest version of
tigervnc, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Joachim Falk <[email protected]> (supplier of updated tigervnc package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 23 Jan 2020 19:03:00 +0100
Source: tigervnc
Architecture: source
Version: 1.9.0+dfsg-3+deb10u1
Distribution: buster
Urgency: high
Maintainer: TigerVNC Packaging Team <[email protected]>
Changed-By: Joachim Falk <[email protected]>
Closes: 947428
Changes:
tigervnc (1.9.0+dfsg-3+deb10u1) buster; urgency=high
.
[ Joachim Falk ]
* Fix CVE-2019-15691, CVE-2019-15692, CVE-2019-15693, CVE-2019-15694, and
CVE-2019-15695 (Closes: #947428)
Checksums-Sha1:
8bf0a6a40d26ba8ace50afbedab9dd54dd93f44f 4001 tigervnc_1.9.0+dfsg-3+deb10u1.dsc
722fdaae82a53f339b90fcc304983bce1ebca5ec 68728 tigervnc_1.9.0+dfsg-3+deb10u1.debian.tar.xz
7df7a26efcaa565390b9ade4e2bd5a146c2eddfc 6726 tigervnc_1.9.0+dfsg-3+deb10u1_source.buildinfo
Checksums-Sha256:
a807ac0aec0544aa7b66434b6f3dd639feb009f319033c404ff5fc6dae65ab57 4001 tigervnc_1.9.0+dfsg-3+deb10u1.dsc
9b48d0ba37c1951cd4b175c49fe693c9b899d54926e96ce27ec7a72af78357e6 68728 tigervnc_1.9.0+dfsg-3+deb10u1.debian.tar.xz
6c8e48434b39d96b6c37a4d555d3b0cd6bd7c22f024dac3742768114f7b91877 6726 tigervnc_1.9.0+dfsg-3+deb10u1_source.buildinfo
Files:
367f4188b538f2fb0ce6138ed4c97e28 4001 x11 optional tigervnc_1.9.0+dfsg-3+deb10u1.dsc
ba30a2e119274889526aa1f483ae0ea4 68728 x11 optional tigervnc_1.9.0+dfsg-3+deb10u1.debian.tar.xz
bf97be31f4c7968c4cb3f1581c82b208 6726 x11 optional tigervnc_1.9.0+dfsg-3+deb10u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
=1fy/
-----END PGP SIGNATURE-----
--- End Message ---