Описание
Security update for LibVNCServer
This update for LibVNCServer fixes the following issues:
Security issues fixed:
- CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123828)
- CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123832)
- CVE-2018-20748: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1123823)
Список пакетов
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libvncclient0-0.9.9-17.11.1
libvncserver0-0.9.9-17.11.1
Ссылки
- Link for SUSE-SU-2019:0313-2
- E-Mail link for SUSE-SU-2019:0313-2
- SUSE Security Ratings
- SUSE Bug 1123823
- SUSE Bug 1123828
- SUSE Bug 1123832
- SUSE CVE CVE-2018-20748 page
- SUSE CVE CVE-2018-20749 page
- SUSE CVE CVE-2018-20750 page
Описание
LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.
Затронутые продукты
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libvncclient0-0.9.9-17.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libvncserver0-0.9.9-17.11.1
Ссылки
- CVE-2018-20748
- SUSE Bug 1120118
- SUSE Bug 1123823
- SUSE Bug 1155442
Описание
LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Затронутые продукты
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libvncclient0-0.9.9-17.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libvncserver0-0.9.9-17.11.1
Ссылки
- CVE-2018-20749
- SUSE Bug 1120117
- SUSE Bug 1123828
- SUSE Bug 1123832
Описание
LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.
Затронутые продукты
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libvncclient0-0.9.9-17.11.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1:libvncserver0-0.9.9-17.11.1
Ссылки
- CVE-2018-20750
- SUSE Bug 1120117
- SUSE Bug 1123832