libvncserver (0.9.10+dfsg-3ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference in HandleZlibBPP function which
    results in DoS
    - debian/patches/CVE-2019-15680.patch: prevent dereferencing of null
      pointers during decoding in libvncclient/zlib.c and libvncclient/zrle.c.
    - CVE-2019-15680
  * SECURITY UPDATE: memory leak allows an attacker to read stack memory
    resulting in possible information disclosure
    - debian/patches/CVE-2019-15681.patch: clear a block of memory for the sct
      variable in libvncserver/rfbserver.c.
    - CVE-2019-15681
  * SECURITY UPDATE: heap buffer overflow caused by large cursor sizes
    - debian/patches/CVE-2019-15690_CVE-2019-20788.patch: limit the size of
      cursor in libvncclient/cursor.c.
    - CVE-2019-15690
    - CVE-2019-20788
  * SECURITY UPDATE: heap-based buffer overflow which allowed easy modification
    of a return address via an overwritten function pointer
    - debian/patches/CVE-2017-18922.patch: fix buffer overflow within the
      websocket decoding functionality in libvncserver/websockets.c.
    - debian/patches/encode_decode_buffers.patch: split codeBuf variable into
      encode and decode variables, allowing CVE patch to apply.
    - CVE-2017-18922
Date: 2020-07-01 14:54:24.299579+00:00
Changed-By: Avital Ostromich <[email protected]>
Signed-By: Ubuntu Archive Robot <[email protected]>
https://launchpad.net/ubuntu/+source/libvncserver/0.9.10+dfsg-3ubuntu0.16.04.4