Summary: | <net-libs/libvncserver-0.9.11: multiple vulnerabilities (CVE-2016-{9941,9942}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Thomas Deutschmann (RETIRED) <whissi> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alex_y_xu, proxy-maint |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: |
=net-libs/libvncserver-0.9.11-r1
|
Runtime testing required: | Yes |
Bug Depends on: | 604192 | ||
Bug Blocks: |
Description
Thomas Deutschmann (RETIRED)
2017-01-11 00:38:41 UTC
CVE-2016-9942 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9942): Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message with the Ultra type tile, such that the LZO payload decompressed length exceeds what is specified by the tile dimensions. CVE-2016-9941 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-9941): Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer before 0.9.11 allows remote servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted FramebufferUpdate message containing a subrectangle outside of the client drawing area. @ Maintainer(s): Please bump to >=net-libs/libvncserve-0.9.11 and let us know if it is ready for the stabilization or how long you want to wait. Now in repository, https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13bf08599c6d332501292db40aea7b9179efc257 @ Arches, please test and mark stable: =net-libs/libvncserver-0.9.11 test with x11vnc or similar Stable on alpha. Stable for PPC64. Stable for HPPA. amd64 stable x86 stable ppc stable sparc stable ia64 stable arm stable, all arches done. glsa request filed please drop <net-libs/libvncserver-0.9.11-r1, thanks Already done via https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6c329ef7d981dbb47dee4c1b45d7a98b7f60e38e This issue was resolved and addressed in GLSA 201702-24 at https://security.gentoo.org/glsa/201702-24 by GLSA coordinator Thomas Deutschmann (whissi). |