[Git][security-tracker-team/security-tracker][master] Reserve DLA-3125-1 for libvncserver

Thu, 29 Sep 2022 15:11:43 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
16d0404c by Thorsten Alteholz at 2022-09-30T00:11:19+02:00
Reserve DLA-3125-1 for libvncserver

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -133076,7 +133076,6 @@ CVE-2020-29261
        RESERVED
 CVE-2020-29260 (libvncclient v0.9.13 was discovered to contain a memory leak 
via the f ...)
        - libvncserver <unfixed> (bug #1019228)
-       [buster] - libvncserver <no-dsa> (Minor issue)
        NOTE: 
https://github.com/LibVNC/libvncserver/commit/bef41f6ec4097a8ee094f90a1b34a708fbd757ec
 CVE-2020-29259 (Cross-site scripting (XSS) vulnerability in Online Examination 
System  ...)
        NOT-FOR-US: Online Examination System
@@ -145221,7 +145220,6 @@ CVE-2020-25711 (A flaw was found in infinispan 10 
REST API, where authorization
 CVE-2020-25708 (A divide by zero issue was found to occur in 
libvncserver-0.9.12. A ma ...)
        {DLA-2451-1}
        - libvncserver 0.9.13+dfsg-1
-       [buster] - libvncserver <no-dsa> (Minor issue)
        NOTE: https://github.com/LibVNC/libvncserver/issues/409
        NOTE: 
https://github.com/LibVNC/libvncserver/commit/673c07a75ed844d74676f3ccdcfdc706a7052dba
 CVE-2020-25707


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[30 Sep 2022] DLA-3125-1 libvncserver - security update
+       {CVE-2020-25708 CVE-2020-29260}
+       [buster] - libvncserver 0.9.11+dfsg-1.3+deb10u5
 [29 Sep 2022] DLA-3124-1 webkit2gtk - security update
        {CVE-2022-32886}
        [buster] - webkit2gtk 2.38.0-1~deb10u1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16d0404c369a0b7ee60cc7fc87204df8e878e847

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16d0404c369a0b7ee60cc7fc87204df8e878e847
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to