[Git][security-tracker-team/security-tracker][master] Several libvncserver issues fixed via unstable upload
Salvatore Bonaccorso
carnil at debian.org
Mon Jun 29 20:59:20 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d49f0758 by Salvatore Bonaccorso at 2020-06-29T21:58:49+02:00
Several libvncserver issues fixed via unstable upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2301,35 +2301,35 @@ CVE-2020-14407
CVE-2020-14406
RESERVED
CVE-2020-14405 (An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rf ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/8937203441ee241c4ace85da687b7d6633a12365
CVE-2020-14404 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rr ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
CVE-2020-14403 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/he ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
CVE-2020-14402 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/co ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
CVE-2020-14401 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/sc ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af
CVE-2020-14400 (An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned da ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/53073c8d7e232151ea2ecd8a1243124121e10e2d
CVE-2020-14399 (An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned da ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/23e5cbe6b090d7f22982aee909a6a618174d3c2d
CVE-2020-14398 (An issue was discovered in LibVNCServer before 0.9.13. An improperly c ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
[jessie] - libvncserver <ignored> (Proposed patch might break ABI consumers)
NOTE: https://github.com/LibVNC/libvncserver/commit/57433015f856cc12753378254ce4f1c78f5d9c7b
CVE-2020-14397 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rf ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/38e98ee61d74f5f5ab4aa4c77146faad1962d6d0
CVE-2020-14396 (An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tl ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
[jessie] - libvncserver <not-affected> (Vulnerable code not present)
NOTE: https://github.com/LibVNC/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553
CVE-2020-14395
@@ -2708,11 +2708,11 @@ CVE-2020-14217
CVE-2020-14216
RESERVED
CVE-2019-20840 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
[jessie] - libvncserver <not-affected> (Vulnerable code not present)
NOTE: https://github.com/LibVNC/libvncserver/commit/0cf1400c61850065de590d403f6d49e32882fd76
CVE-2019-20839 (libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer over ...)
- - libvncserver <unfixed>
+ - libvncserver 0.9.13+dfsg-1
NOTE: https://github.com/LibVNC/libvncserver/commit/3fd03977c9b35800d73a865f167338cb4d05b0c1
CVE-2018-21247 (An issue was discovered in LibVNCServer before 0.9.13. There is an inf ...)
- libvncserver 0.9.11+dfsg-1.2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d49f0758f30ca95ea6db90fe283d5d4d2bac9165
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d49f0758f30ca95ea6db90fe283d5d4d2bac9165
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200629/5c3a9d5b/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list