libvncserver 0.9.11+dfsg-1.3ubuntu0.1 source package in Ubuntu
Changelog
libvncserver (0.9.11+dfsg-1.3ubuntu0.1) eoan-security; urgency=medium * SECURITY UPDATE: null pointer dereference in HandleZlibBPP function which results in DoS - debian/patches/CVE-2019-15680.patch: prevent dereferencing of null pointers during decoding in libvncclient/zlib.c and libvncclient/zrle.c. - CVE-2019-15680 * SECURITY UPDATE: memory leak allows an attacker to read stack memory resulting in possible information disclosure - debian/patches/CVE-2019-15681.patch: clear a block of memory for the sct variable in libvncserver/rfbserver.c. - CVE-2019-15681 * SECURITY UPDATE: heap buffer overflow caused by large cursor sizes - debian/patches/CVE-2019-15690_CVE-2019-20788.patch: limit the size of cursor in libvncclient/cursor.c. - CVE-2019-15690 - CVE-2019-20788 * SECURITY UPDATE: heap-based buffer overflow which allowed easy modification of a return address via an overwritten function pointer - debian/patches/CVE-2017-18922.patch: fix buffer overflow within the websocket decoding functionality in libvncserver/websockets.c. - CVE-2017-18922 -- Avital Ostromich <email address hidden> Tue, 30 Jun 2020 11:53:25 -0400
Upload details
- Uploaded by:
- Avital Ostromich
- Uploaded to:
- Eoan
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
libvncserver_0.9.11+dfsg.orig.tar.gz | 513.4 KiB | ea27be2b923cc5e89fb2d93415fdc2373c90cdd2379cf9c671fa234482c69509 |
libvncserver_0.9.11+dfsg-1.3ubuntu0.1.debian.tar.xz | 27.4 KiB | c1cd79248079f6084dd6236f384788024cea26a6ff490f1ef6de306d6acd4d79 |
libvncserver_0.9.11+dfsg-1.3ubuntu0.1.dsc | 2.3 KiB | c2b7aa4e1b582fee25d15f907194f2592feb8db01a249ac9334d0c17caa2b971 |
Available diffs
Binary packages built by this source
- libvncclient1: No summary available for libvncclient1 in ubuntu eoan.
No description available for libvncclient1 in ubuntu eoan.
- libvncclient1-dbg: No summary available for libvncclient1-dbg in ubuntu eoan.
No description available for libvncclient1-dbg in ubuntu eoan.
- libvncserver-config: No summary available for libvncserver-config in ubuntu eoan.
No description available for libvncserver-config in ubuntu eoan.
- libvncserver-dev: No summary available for libvncserver-dev in ubuntu eoan.
No description available for libvncserver-dev in ubuntu eoan.
- libvncserver1: No summary available for libvncserver1 in ubuntu eoan.
No description available for libvncserver1 in ubuntu eoan.
- libvncserver1-dbg: No summary available for libvncserver1-dbg in ubuntu eoan.
No description available for libvncserver1-dbg in ubuntu eoan.