606998 – (CVE-2017-5581) <net-misc/tigervnc-1.7.1: Buffer overflow in ModifiablePixelBuffer::fillRect

Bug 606998 (CVE-2017-5581) - <net-misc/tigervnc-1.7.1: Buffer overflow in ModifiablePixelBuffer::fillRect

Summary: <net-misc/tigervnc-1.7.1: Buffer overflow in ModifiablePixelBuffer::fillRect

Status:	RESOLVED FIXED

Alias:	CVE-2017-5581

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:	https://bugzilla.redhat.com/show_bug....
Whiteboard:	B2 [glsa cve]
Keywords:

Duplicates (1):	607316 (view as bug list)
Depends on:	606460
Blocks:
	Show dependency tree

Reported:	2017-01-24 09:32 UTC by Agostino Sarubbo
Modified:	2017-02-20 23:43 UTC (History)
CC List:	1 user (show)

See Also:
Package list:	=net-misc/tigervnc-1.7.1
Runtime testing required:	Yes

Flags:	stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Agostino Sarubbo gentoo-dev

2017-01-24 09:32:21 UTC

From ${URL} :

A buffer overflow vulnerability in ModifiablePixelBuffer::fillRect in vncviewer was found allowing malicious VNC server to send crafted RRE message and 
possibly take control of the TigerVNC viewer.

Upstream patch:

https://github.com/TigerVNC/tigervnc/commit/18c020124ff1b2441f714da2017f63dba50720ba

PR:

https://github.com/TigerVNC/tigervnc/pull/399

Reference:

http://seclists.org/oss-sec/2017/q1/166


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.

Comment 1 Agostino Sarubbo gentoo-dev

2017-01-24 09:36:29 UTC

fixed in upstream-1.7.1

Comment 2 Agostino Sarubbo gentoo-dev

2017-01-26 16:10:12 UTC

*** Bug 607316 has been marked as a duplicate of this bug. ***

Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev

2017-01-27 20:52:49 UTC

v1.7.1 is now in repository.


@ Arches,

please test and mark stable: =net-misc/tigervnc-1.7.1

Comment 4 Tobias Klausmann (RETIRED) gentoo-dev

2017-01-28 19:54:17 UTC

Stable on alpha.

Comment 5 Agostino Sarubbo gentoo-dev

2017-01-29 13:56:17 UTC

amd64 stable

Comment 6 Jeroen Roovers (RETIRED) gentoo-dev

2017-01-29 20:30:34 UTC

Stable for HPPA PPC64.

Comment 7 Agostino Sarubbo gentoo-dev

2017-01-31 11:44:27 UTC

x86 stable

Comment 8 Agostino Sarubbo gentoo-dev

2017-02-12 17:02:14 UTC

ppc stable

Comment 9 Markus Meier gentoo-dev

2017-02-12 20:08:24 UTC

arm stable

Comment 10 Thomas Deutschmann (RETIRED) gentoo-dev

2017-02-13 02:14:56 UTC

New GLSA request filed.

Comment 11 Agostino Sarubbo gentoo-dev

2017-02-17 10:58:30 UTC

sparc stable

Comment 12 Agostino Sarubbo gentoo-dev

2017-02-18 14:46:04 UTC

ia64 stable.

Maintainer(s), please cleanup.

Comment 13 GLSAMaker/CVETool Bot gentoo-dev

2017-02-20 23:43:53 UTC

This issue was resolved and addressed in
 GLSA 201702-19 at https://security.gentoo.org/glsa/201702-19
by GLSA coordinator Thomas Deutschmann (whissi).