lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <E1gqOkF-0001LP-J2@seger.debian.org> Date: Sun, 03 Feb 2019 20:52:03 +0000 From: Salvatore Bonaccorso <carnil@...ian.org> To: bugtraq@...urityfocus.com Subject: [SECURITY] [DSA 4383-1] libvncserver security update -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4383-1 security@...ian.org https://www.debian.org/security/ Salvatore Bonaccorso February 03, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : libvncserver CVE ID : CVE-2018-6307 CVE-2018-15126 CVE-2018-15127 CVE-2018-20019 CVE-2018-20020 CVE-2018-20021 CVE-2018-20022 CVE-2018-20023 CVE-2018-20024 Debian Bug : 916941 Pavel Cheremushkin discovered several vulnerabilities in libvncserver, a library to implement VNC server/client functionalities, which might result in the execution of arbitrary code, denial of service or information disclosure. For the stable distribution (stretch), these problems have been fixed in version 0.9.11+dfsg-1.3~deb9u1. We recommend that you upgrade your libvncserver packages. For the detailed security status of libvncserver please refer to its security tracker page at: https://security-tracker.debian.org/tracker/libvncserver Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@...ts.debian.org -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlxXVEVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QnFA/+OdqSdVFFyBtT3WnOMUez7pBsk3wx0rzbCZ5uBJHYzr0ogMgDInL4GwdW RrTvSQtpKiUjmN4tfocXxKiWq6/KVZ5wgfYCeIjzzSr8qQHqYnV9NH2A8bUpVFAp M04zpV/zqPd2vlUPkppigHCyemV7sRuaXikGyUYm4Y6zBEhSg2vfyqfFmoggKoq8 aD6cWtKgCW3aSALA52JlVn5cPz17xvrk1zfStgtLPjHZTMHW19fDXq1hubxfR3q1 66LEfcs+13BFZW+09/eYSsC5vM96s4AfshErjtwpMxtVnc9MEIRNfRM9kfteaRvi s60EmM7xFvbx9acIQgKnLNNyjExzjySmgO0Bq7GNBu0gK1wNVpnOHI9EtBLfjOE7 YrYOxvwyTI5jFS0Txl846/dXwxy6gcX/bTlO6mqQFUicJcr7DU4GflHrt/t15VcK e7DBeWlhzV7yBoxC5yjS37dug0Ab9A9+TpCRxD5jwMWHZ3g+/8oXybCEqpuFwrqb kS1L4op0CHvouGbRldEtFookQud5deuqbEGxScGvOr8buENpnQmc6fzDh3jMH2wZ BNUHPzIYJHKqMXCK41jUB40/0v5iz5z5gHvRYfo8+ZOoLIFCp7zER3RDxwR8fGiK tqycmFiHaax09jHvqffRbwARfVrrrNbh4u/F7n3WWpbIsCjPOC4= =6dI2 -----END PGP SIGNATURE-----
Powered by blists - more mailing lists