vino (3.22.0-6ubuntu2) groovy; urgency=medium
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2020-14397.patch: add missing NULL pointer checks
in server/libvncserver/rfbregion.c, server/libvncserver/rfbserver.c.
- CVE-2020-14397
* SECURITY UPDATE: out-of-bounds access via encodings
- debian/patches/CVE-2020-1440x.patch: prevent OOB accesses in
server/libvncserver/corre.c, server/libvncserver/hextile.c,
server/libvncserver/rre.c.
- CVE-2020-14402
- CVE-2020-14403
- CVE-2020-14404
-- Marc Deslauriers <email address hidden> Tue, 06 Oct 2020 14:50:02 -0400