[Git][security-tracker-team/security-tracker][master] Add CVE-2019-1569{1,2,3,4,5}/tigervnc

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6183e432 by Salvatore Bonaccorso at 2019-12-26T20:18:17Z
Add CVE-2019-1569{1,2,3,4,5}/tigervnc

Note that the CVEs are specifically for TigerVNC.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18971,15 +18971,30 @@ CVE-2019-15697
 CVE-2019-15696
 	RESERVED
 CVE-2019-15695 (TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflo ...)
-	TODO: check
+	- tigervnc <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/05e28490873a861379c943bf616614b78b558b89 (master)
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/6c47340e095258a959c95db9aa2a6c715d62bf7c (v1.10.1)
 CVE-2019-15694 (TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...)
-	TODO: check
+	- tigervnc <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/0943c006c7d900dfc0281639e992791d6c567438 (master)
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/f287032d3643a6437f7de0ed35f4c45bb735522d (v1.10.1)
 CVE-2019-15693 (TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...)
-	TODO: check
+	- tigervnc <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/b4ada8d0c6dac98c8b91fc64d112569a8ae5fb95 (master)
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/46c081926efd83c90a45c0a96b1b5bc1927e1346 (v1.10.1)
 CVE-2019-15692 (TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...)
-	TODO: check
+	- tigervnc <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821 (master)
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/ff08ca78b24b5a4ed5263245c7ce8744059ff4ad (v1.10.1)
 CVE-2019-15691 (TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-retu ...)
-	TODO: check
+	- tigervnc <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/d61a767d6842b530ffb532ddd5a3d233119aad40 (master)
+	NOTE: https://github.com/TigerVNC/tigervnc/commit/042de4642293df9b72a08189c249e2da79cbca91 (v1.10.1)
 CVE-2019-15690
 	RESERVED
 CVE-2019-15689 (Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky To ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6183e432bfe8cb1417a510e34b3b2800fa9a6462

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6183e432bfe8cb1417a510e34b3b2800fa9a6462
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191226/95637804/attachment.html>