Описание
Security update for LibVNCServer
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123828)
- CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123832)
- CVE-2018-20748: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1123823)
Список пакетов
SUSE Enterprise Storage 4
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP2-BCL
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP2-LTSS
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP3
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP4
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12-LTSS
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Software Development Kit 12 SP3
LibVNCServer-devel-0.9.9-17.11.1
SUSE Linux Enterprise Software Development Kit 12 SP4
LibVNCServer-devel-0.9.9-17.11.1
SUSE OpenStack Cloud 7
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
Ссылки
- Link for SUSE-SU-2019:0313-1
- E-Mail link for SUSE-SU-2019:0313-1
- SUSE Security Ratings
- SUSE Bug 1123823
- SUSE Bug 1123828
- SUSE Bug 1123832
- SUSE CVE CVE-2018-20748 page
- SUSE CVE CVE-2018-20749 page
- SUSE CVE CVE-2018-20750 page
Описание
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.
Затронутые продукты
SUSE Enterprise Storage 4:libvncclient0-0.9.9-17.11.1
SUSE Enterprise Storage 4:libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libvncclient0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libvncserver0-0.9.9-17.11.1
Ссылки
- CVE-2018-20748
- SUSE Bug 1120118
- SUSE Bug 1123823
- SUSE Bug 1155442
Описание
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Затронутые продукты
SUSE Enterprise Storage 4:libvncclient0-0.9.9-17.11.1
SUSE Enterprise Storage 4:libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libvncclient0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libvncserver0-0.9.9-17.11.1
Ссылки
- CVE-2018-20749
- SUSE Bug 1120117
- SUSE Bug 1123828
- SUSE Bug 1123832
Описание
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Затронутые продукты
SUSE Enterprise Storage 4:libvncclient0-0.9.9-17.11.1
SUSE Enterprise Storage 4:libvncserver0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libvncclient0-0.9.9-17.11.1
SUSE Linux Enterprise Server 12 SP1-LTSS:libvncserver0-0.9.9-17.11.1
Ссылки
- CVE-2018-20750
- SUSE Bug 1120117
- SUSE Bug 1123832