author | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2020-06-30 23:11:44 +0200 |
---|---|---|
committer | Holger Levsen <holger@layer-acht.org> | 2020-07-01 16:30:46 +0200 |
commit | 874b7a827053e059c3b08e991a12da214544f123 (patch) | |
tree | 290c398848c69e8cbae2b700ed0e725c76412584 /english | |
parent | 41a5070e43be50edc80c35082caa1a5005b06131 (diff) |
DLA-2264-1 advisory
Signed-off-by: Holger Levsen <holger@layer-acht.org>
Diffstat (limited to 'english')
-rw-r--r-- | english/lts/security/2020/dla-2264.data | 10 | ||||
-rw-r--r-- | english/lts/security/2020/dla-2264.wml | 62 |
2 files changed, 72 insertions, 0 deletions
diff --git a/english/lts/security/2020/dla-2264.data b/english/lts/security/2020/dla-2264.data new file mode 100644 index 00000000000..c4190e660e7 --- /dev/null +++ b/english/lts/security/2020/dla-2264.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2264-1 libvncserver</define-tag> +<define-tag report_date>2020-06-30</define-tag> +<define-tag secrefs>CVE-2019-20839 CVE-2020-14397 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-14405</define-tag> +<define-tag packages>libvncserver</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2264.wml b/english/lts/security/2020/dla-2264.wml new file mode 100644 index 00000000000..961c552d14e --- /dev/null +++ b/english/lts/security/2020/dla-2264.wml 
@@ -0,0 +1,62 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Several vulnerabilities have been discovered in libVNC (libvncserver Debian package), an +implemenantation of the VNC server and client protocol.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-20839">CVE-2019-20839</a> + + <p>libvncclient/sockets.c in LibVNCServer had a buffer overflow via a + long socket filename.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14397">CVE-2020-14397</a> + + <p>libvncserver/rfbregion.c had a NULL pointer dereference.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14399">CVE-2020-14399</a> + + <p>Byte-aligned data was accessed through uint32_t pointers in + libvncclient/rfbproto.c.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14400">CVE-2020-14400</a> + + <p>Byte-aligned data was accessed through uint16_t pointers in + libvncserver/translate.c.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14401">CVE-2020-14401</a> + + <p>libvncserver/scale.c had a pixel_value integer overflow.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14402">CVE-2020-14402</a> + + <p>libvncserver/corre.c allowed out-of-bounds access via encodings.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14403">CVE-2020-14403</a> + + <p>libvncserver/hextile.c allowed out-of-bounds access via encodings.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14404">CVE-2020-14404</a> + + <p>libvncserver/rre.c allowed out-of-bounds access via encodings.</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-14405">CVE-2020-14405</a> + + <p>libvncclient/rfbproto.c does not limit TextChat size.</p></li> + +</ul> + +<p>For Debian 8 <q>Jessie</q>, these problems have been fixed in version 
+0.9.9+dfsg2-6.1+deb8u8.</p> + +<p>We recommend that you upgrade your libvncserver packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2264.data" +# $Id: $ |
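Review bot: the opening paragraph of dla-2264.wml misspells "implementation" as "implemenantation"; this text becomes the published advisory body, so the spelling should be corrected before the page is built. In the same file, the CVE-2020-14405 entry is written in the present tense ("does not limit TextChat size") while the other eight entries use the past tense ("had", "allowed", "was accessed"); "did not limit" would keep the list consistent. The nine CVE ids in the secrefs tag of dla-2264.data match the nine list items here, so the two files agree on scope.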