Описание
Security update for tigervnc, fltk
tigervnc and fltk were updated to fix security issues and non-security bugs.
This security issue was fixed:
- CVE-2015-0255: Information leak in the XkbSetGeometry request of X servers (bnc#915810).
These non-security issues were fixed:
- vncviewer-tigervnc does not display mouse cursor shape changes (bnc#908738).
- vnc module for Xorg fails to load on startup, module mismatch (bnc#911577).
- An Xvnc session may become unusable when user logs out (bnc#920969)
fltk was updated to fix one non-security issue:
- vncviewer-tigervnc does not display mouse cursor shape changes (bnc#908738).
Additionally tigervnc was updated to 1.4.1, the contained X server was updated to to 1.15.2.
Список пакетов
SUSE Linux Enterprise Desktop 12
libfltk1-1.3.2-10.2
tigervnc-1.4.1-32.1
xorg-x11-Xvnc-1.4.1-32.1
SUSE Linux Enterprise Server 12
libfltk1-1.3.2-10.2
tigervnc-1.4.1-32.1
xorg-x11-Xvnc-1.4.1-32.1
SUSE Linux Enterprise Server for SAP Applications 12
libfltk1-1.3.2-10.2
tigervnc-1.4.1-32.1
xorg-x11-Xvnc-1.4.1-32.1
SUSE Linux Enterprise Software Development Kit 12
fltk-devel-1.3.2-10.2
fltk-devel-static-1.3.2-10.2
Ссылки
- Link for SUSE-SU-2015:0939-1
- E-Mail link for SUSE-SU-2015:0939-1
- SUSE Security Ratings
- SUSE Bug 908738
- SUSE Bug 911577
- SUSE Bug 915782
- SUSE Bug 915810
- SUSE Bug 920969
- SUSE CVE CVE-2015-0255 page
Описание
X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote attackers to obtain sensitive information from process memory or cause a denial of service (crash) via a crafted string length value in a XkbSetGeometry request.
Затронутые продукты
SUSE Linux Enterprise Desktop 12:libfltk1-1.3.2-10.2
SUSE Linux Enterprise Desktop 12:tigervnc-1.4.1-32.1
SUSE Linux Enterprise Desktop 12:xorg-x11-Xvnc-1.4.1-32.1
SUSE Linux Enterprise Server 12:libfltk1-1.3.2-10.2
Ссылки
- CVE-2015-0255
- SUSE Bug 915810