[Git][security-tracker-team/security-tracker][master] Mark tightvnc issues as no-dsa

Salvatore Bonaccorso carnil at debian.org
Mon Dec 30 10:54:58 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
eeb3197c by Salvatore Bonaccorso at 2019-12-30T10:54:27Z
Mark tightvnc issues as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19313,12 +19313,16 @@ CVE-2019-15680 (TightVNC code version 1.3.10 contains null pointer dereference i
 CVE-2019-15679 (TightVNC code version 1.3.10 contains heap buffer overflow in Initiali ...)
 	{DLA-2045-1}
 	- tightvnc 1:1.3.9-9.1 (bug #945364)
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
 	NOTE: https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
 	NOTE: part of CVE-2018-20748/libvncserver
 CVE-2019-15678 (TightVNC code version 1.3.10 contains heap buffer overflow in rfbServe ...)
 	{DLA-2045-1}
 	- tightvnc 1:1.3.9-9.1 (bug #945364)
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
 	NOTE: https://github.com/LibVNC/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a
 	NOTE: part of CVE-2018-20748/libvnvserver
@@ -42779,6 +42783,8 @@ CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php w
 CVE-2019-8287 (TightVNC code version 1.3.10 contains global buffer overflow in Handle ...)
 	{DLA-2045-1}
 	- tightvnc 1:1.3.9-9.1 (bug #945364)
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
 	NOTE: same as CVE-2018-20020/libvncserver
 CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Sec ...)
@@ -59764,6 +59770,8 @@ CVE-2018-20022 (LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains
 	- italc <removed>
 	- ssvnc 1.0.29-5 (bug #945827)
 	- tightvnc 1:1.3.9-9.1
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	- veyon 4.1.4+repack1-1
 	NOTE: https://github.com/LibVNC/libvncserver/issues/252
 	NOTE: https://github.com/LibVNC/libvncserver/commit/2f5b2ad1c6c99b1ac6482c95844a84d66bb52838
@@ -59774,6 +59782,8 @@ CVE-2018-20021 (LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c co
 	- italc <removed>
 	- ssvnc 1.0.29-5 (bug #945827)
 	- tightvnc 1:1.3.9-9.1
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	- veyon 4.1.4+repack1-1
 	NOTE: https://github.com/LibVNC/libvncserver/issues/251
 	NOTE: https://github.com/LibVNC/libvncserver/commit/c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c
@@ -98354,6 +98364,8 @@ CVE-2018-7225 (An issue was discovered in LibVNCServer through 0.9.11. rfbProces
 	- libvncserver 0.9.11+dfsg-1.1 (bug #894045)
 	- italc <removed>
 	- tightvnc 1:1.3.9-9.1
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	- vino <unfixed> (bug #945784)
 	NOTE: https://github.com/LibVNC/libvncserver/issues/218
 	NOTE: https://github.com/LibVNC/libvncserver/commit/b0c77391e6bd0a2305bbc9b37a2499af74ddd9ee
@@ -236286,6 +236298,8 @@ CVE-2014-6053 (The rfbProcessClientNormalMessage function in libvncserver/rfbser
 	- libvncserver 0.9.9+dfsg-6.1 (bug #762745)
 	- italc 1:3.0.1+dfsg1-1
 	- tightvnc 1:1.3.9-9.1
+	[buster] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
+	[stretch] - tightvnc <no-dsa> (Minor issue; will be fixed via point release)
 	- vino <unfixed> (bug #945784)
 	NOTE: https://github.com/newsoft/libvncserver/commit/6037a9074d52b1963c97cb28ea1096c7c14cbf28
 CVE-2014-6052 (The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibV ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eeb3197c3b0b405318ca720483b7f39b481293a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eeb3197c3b0b405318ca720483b7f39b481293a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191230/044fd79a/attachment.html>

More information about the debian-security-tracker-commits mailing list