Bug 673508 (CVE-2018-20019, CVE-2018-20023)

Summary:	<net-libs/libvncserver-0.9.12: multiple vulnerabilities
Product:	Gentoo Security	Reporter:	D'juan McDonald (domhnall) <flopwiki>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	alexander, alex_y_xu, proxy-maint, swegener
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	https://github.com/LibVNC/libvncserver/milestone/4
Whiteboard:	B3 [glsa+ cve]
Package list:		Runtime testing required:	---
Bug Depends on:
Bug Blocks:	701818

Description D'juan McDonald (domhnall) 2018-12-21 06:52:26 UTC

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-031-libvnc-infinite-loop/ # CVE-2018-20021

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-030-libvnc-heap-out-of-bound-write/ # CVE-2018-20020

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-029-libvnc-multiple-heap-out-of-bound-vulnerabilities/ # CVE-2018-20019

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-032-libvnc-multiple-memory-leaks/ #CVE-2018-20022

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-033-libvnc-memory-leak/ # CVE-2018-20023

https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-034-libvnc-null-pointer-dereference/ # CVE-2018-20024


@maintainer(s): Milestone for LibVNC due for 0.9.12. Proceed as needed.

Gentoo Security Padawan
(domhnall)

Comment 1 Sven Wegener gentoo-dev

2019-01-15 21:56:26 UTC

While working on x11vnc, a related projectm I ended up preparing a version bump:
https://github.com/swegener/gentoo/commit/1338b4e70fd9e2d6bdbf0f9172c6cfef5d0d6a5e

I haven't pushed it yet, just in case Alex is already working on it.

Comment 2 Larry the Git Cow gentoo-dev

2019-01-17 21:21:43 UTC

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4fbd9dd57d76b333b4c75791b1590f5ee09119f1

commit 4fbd9dd57d76b333b4c75791b1590f5ee09119f1
Author:     Sven Wegener <swegener@gentoo.org>
AuthorDate: 2019-01-15 21:40:20 +0000
Commit:     Sven Wegener <swegener@gentoo.org>
CommitDate: 2019-01-17 21:21:30 +0000

    net-libs/libvncserver: Version bump, security bug #659560 and #673508
    
    Bug: https://bugs.gentoo.org/659560
    Bug: https://bugs.gentoo.org/673508
    Closes: https://bugs.gentoo.org/435326
    Closes: https://bugs.gentoo.org/675046
    Signed-off-by: Sven Wegener <swegener@gentoo.org>
    Package-Manager: Portage-2.3.51, Repoman-2.3.11

 net-libs/libvncserver/Manifest                     |  1 +
 .../files/libvncserver-0.9.12-cmake-libdir.patch   | 22 +++++++
 net-libs/libvncserver/libvncserver-0.9.12.ebuild   | 72 ++++++++++++++++++++++
 3 files changed, 95 insertions(+)

Comment 3 Yury German Gentoo Infrastructure

2019-04-27 20:35:47 UTC

Maintainer(s), please advise if you are ready for stabilization or call for stabilization yourself.

Comment 4 Alexander Tsoy 2019-07-28 22:02:21 UTC

Cleanup done in 61a66db5451e859c3cc01853ba5a5737c2157147

Comment 5 GLSAMaker/CVETool Bot gentoo-dev

2019-08-09 20:46:08 UTC

This issue was resolved and addressed in
 GLSA 201908-05 at https://security.gentoo.org/glsa/201908-05
by GLSA coordinator Aaron Bauman (b-man).

Comment 6 Thomas Deutschmann (RETIRED) gentoo-dev

2019-12-02 22:30:35 UTC

Freeing aliases for tracker creation.