-
vino (3.22.0-5ubuntu2.2) focal-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2020-25708.patch: fix possible divide-by-zero in
server/libvncserver/rfbserver.c.
- CVE-2020-25708
-- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Nov 2020 11:50:06 -0300
-
vino (3.22.0-5ubuntu2.1) focal-security; urgency=medium
* SECURITY UPDATE: DoS via unchecked malloc
- debian/patches/CVE-2014-6053.patch: check malloc() return value in
server/libvncserver/rfbserver.c.
- CVE-2014-6053
* SECURITY UPDATE: client cut length issue
- debian/patches/CVE-2018-7225.patch: limit client cut text length to
1 MB in server/libvncserver/rfbserver.c.
- CVE-2018-7225
* SECURITY UPDATE: information disclosure via memory leak
- debian/patches/CVE-2019-15681.patch: don't leak stack memory to the
remote in server/libvncserver/rfbserver.c.
- CVE-2019-15681
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2020-14397.patch: add missing NULL pointer checks
in server/libvncserver/rfbregion.c, server/libvncserver/rfbserver.c.
- CVE-2020-14397
* SECURITY UPDATE: out-of-bounds access via encodings
- debian/patches/CVE-2020-1440x.patch: prevent OOB accesses in
server/libvncserver/corre.c, server/libvncserver/hextile.c,
server/libvncserver/rre.c.
- CVE-2020-14402
- CVE-2020-14403
- CVE-2020-14404
-- Marc Deslauriers <email address hidden> Tue, 06 Oct 2020 10:33:38 -0400
-
vino (3.22.0-5ubuntu2) disco; urgency=medium
* Clean upload leftover
-- Sebastien Bacher <email address hidden> Thu, 24 Jan 2019 17:32:31 +0100
