[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-7225/libvncserver

Mon Feb 19 19:56:55 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
20027176 by Salvatore Bonaccorso at 2018-02-19T20:55:27+01:00
Add CVE-2018-7225/libvncserver

- - - - -
56b7ba12 by Salvatore Bonaccorso at 2018-02-19T20:56:38+01:00
Add CVE-2018-7226/vncterm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,9 @@
+CVE-2018-7226 [VNConsole.c: vcSetXCutTextProc() integer overflow and unchecked malloc()]
+	- vncterm <unfixed>
+	NOTE: https://github.com/LibVNC/vncterm/issues/6
+CVE-2018-7225 [libvncserver/rfbserver.c: rfbProcessClientNormalMessage() case rfbClientCutText doesn't sanitize msg.cct.length]
+	- libvncserver <unfixed>
+	NOTE: https://github.com/LibVNC/libvncserver/issues/218
 CVE-2018-7224
 	RESERVED
 CVE-2018-7223



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/80bb4608b58a6b87b30bc31de03e10ae02b459ec...56b7ba12d1fa494c647f0529e598f1c5f758137a

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/80bb4608b58a6b87b30bc31de03e10ae02b459ec...56b7ba12d1fa494c647f0529e598f1c5f758137a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180219/c7063579/attachment.html>
