ELSA-2020-3875

Опубликовано: 06 окт. 2020

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2020-3875: tigervnc security and bug fix update (MODERATE)

[1.8.0-21]

Add upstream patch needed because of previous security fixes Resolves: bz#1826822

[1.8.0-20]

Fix stack buffer overflow in CMsgReader::readSetCursor Resolves: bz#1791773
Fix heap buffer overflow in DecodeManager::decodeRect Resolves: bz#1791768
Fix heap buffer overflow in TightDecoder::FilterGradient Resolves: bz#1791763
Fix heap-based buffer overflow triggered from CopyRectDecoder Resolves: bz#1791747
Fix stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder Resolves: bz#1791759
Add option to fallback to empty port when the specified one is taken Resolves: bz#1791996

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

tigervnc

1.8.0-21.el7

tigervnc-icons

1.8.0-21.el7

tigervnc-license

1.8.0-21.el7

tigervnc-server

1.8.0-21.el7

tigervnc-server-applet

1.8.0-21.el7

tigervnc-server-minimal

1.8.0-21.el7

tigervnc-server-module

1.8.0-21.el7

Oracle Linux x86_64

tigervnc

1.8.0-21.el7

tigervnc-icons

1.8.0-21.el7

tigervnc-license

1.8.0-21.el7

tigervnc-server

1.8.0-21.el7

tigervnc-server-applet

1.8.0-21.el7

tigervnc-server-minimal

1.8.0-21.el7

tigervnc-server-module

1.8.0-21.el7

Связанные CVE

Ссылки на источники

Связанные уязвимости

openSUSE-SU-2020:0087-1

suse-cvrf

около 6 лет назад

Security update for tigervnc

SUSE-SU-2020:1749-1

suse-cvrf

больше 5 лет назад

Security update for tigervnc

SUSE-SU-2020:0266-1

suse-cvrf

около 6 лет назад

Security update for tigervnc

SUSE-SU-2020:0159-1

suse-cvrf

около 6 лет назад

Security update for tigervnc

SUSE-SU-2020:0113-1

suse-cvrf

около 6 лет назад

Security update for tigervnc