Univention Bugzilla – Full Text Bug Listing |
Summary: | tightvnc: Multiple issues (4.4) | ||
---|---|---|---|
Product: | UCS | Reporter: | Quality Assurance <qa> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | ||
Version: | UCS 4.4 | ||
Target Milestone: | UCS 4.4-3-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) NVD RedHat |
Description
Quality Assurance
2020-02-27 15:34:22 CET
--- mirror/ftp/4.3/unmaintained/4.3-0/source/tightvnc_1.3.9-9.dsc +++ apt/ucs_4.4-0-errata4.4-3/source/tightvnc_1.3.9-9+deb9u1.dsc @@ -1,3 +1,24 @@ +1:1.3.9-9+deb9u1 [Sat, 21 Dec 2019 10:35:50 +0100] Mike Gabriel <sunweaver@debian.org>: + + * Security upload. (Closes: #945364). + * CVE-2014-6053: Check malloc() return value on client->server ClientCutText + message. + * CVE-2019-8287 (aka CVE-2018-20020): Fix heap out-of-bound write + vulnerability inside structure in VNC client code. + * CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code. + * CVE-2018-20022: CWE-665: Improper Initialization vulnerability. + * CVE-2018-7225: Uninitialized and potentially sensitive data could be + accessed by remote attackers because the msg.cct.length in rfbserver.c was + not sanitized. + * CVE-2019-15678: LibVNCClient: ignore server-sent cut text longer than 1MB. + * Extra patch similar to the fix for CVE-2019-15678: LibVNCClient: ignore + server-sent reason strings longer than 1MB (see CVE-2018-20748/ + libvncserver). + * CVE-2019-15679: rfbproto.c/InitialiseRFBConnection: Check desktop name + length received before allocating memory for it and limit it to 1MB. + * CVE-2019-15680: Fix null-pointer-deref issue in vncviewer/zlib.c. + * CVE-2019-15681: rfbserver: don't leak stack memory to the remote. + 1:1.3.9-9 [Fri, 27 Jan 2017 22:05:03 +0100] Ola Lundqvist <opal@debian.org>: * Reverted the transition. Tigervnc is not ready for being a full <http://10.200.17.11/4.4-3/#9207684441389578367> OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-3] 9b9d862943 Bug #50871: tightvnc 1:1.3.9-9+deb9u1 doc/errata/staging/tightvnc.yaml | 41 ++++++++++++++++++---------------------- 1 file changed, 18 insertions(+), 23 deletions(-) [4.4-3] 31bcdead6a Bug #50871: tightvnc 1:1.3.9-9+deb9u1 doc/errata/staging/tightvnc.yaml | 49 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) |