-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libvncserver Version : 0.9.9+dfsg2-6.1+deb8u7 CVE ID : CVE-2019-15690 Debian Bug : 954163
In libvncserver, through libvncclient/cursor.c, there is a possibility of a heap overflow, as reported by Pavel Cheremushkin. For Debian 8 "Jessie", this problem has been fixed in version 0.9.9+dfsg2-6.1+deb8u7. We recommend that you upgrade your libvncserver packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS Best, Utkarsh -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl5xKFkACgkQgj6WdgbD S5bDwxAAg9nrkT0BLeVDzDVkuGUu8nN0Tb5Mp+KYtxShN7bxcXbm+y52hyq6pnnH vjysWhNWSp7Nhz5JckYmlATLUgX8cTA15Gzug7b73O6tnXzv69bYU8UKSLsHyQK4 qEy67Ee2/qCXM+OzVg2ui71Bo+aGXBa0uB4Xa5+nleA5BUa4cqTqZC68Amq1fQUr zw9gjaNUUAoi0LZ5waOGuAGvQOAhbaKNh1gU7omLaTgBUY0+ZC5G5gviXjo8BEsL MSRM/rx5Q3dFSypany/uYEt5rkncRgsMrVmLYQUtUeimP7fNJyQUaiiVG6M3zrBu k/9S9QJ8UoXXacQrBoDw+uGo1VWssZAXBtcTNyLYQ+U+aFoLCPm7xfehP2qORRDM 9V71wTta6X0EvqlqGHLPp/JC9ytBbF9CwWb369vuJ0B3YuXOEs9Nr7EfQlBam6Uv ZZ9i7Ebb3RWiplri4T05K7nkt+CLIFIdks2kki4Ap4ruFmGC0iK9q+bTXevxJGLP upvpdIwpCFYFbIk1Yedx6GGk3gXWZUjPwCIXoZrENJl2MklvCbebSn1rLHjZ2Cx3 aKnH7GnJVvh2WuCEGqx+4WtAj5mG9+cBPLKEPrC5BCTmLlCy9nu2R8CmvwQq+69A O2C0UqoSe3A2t1bQoWFFgakCf5XyGjasXf41Kq252WsWaazc/60= =+9al -----END PGP SIGNATURE-----
