SUSE-SU-2019:13952-1

Опубликовано: 12 фев. 2019

Источник: suse-cvrf

Описание

Security update for LibVNCServer

This update for LibVNCServer fixes the following issues:

Security issues fixed:

CVE-2018-20749: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123828)
CVE-2018-20750: Fixed a heap out of bounds write vulnerability in rfbserver.c (bsc#1123832)
CVE-2018-20748: Fixed multiple heap out-of-bound writes in VNC client code (bsc#1123823)

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server 11 SP4

LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4

LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Software Development Kit 11 SP4

LibVNCServer-devel-0.9.1-160.9.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-201913952-1/
Link for SUSE-SU-2019:13952-1
https://lists.suse.com/pipermail/sle-security-updates/2019-February/005107.html
E-Mail link for SUSE-SU-2019:13952-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1123823
SUSE Bug 1123823
https://bugzilla.suse.com/1123828
SUSE Bug 1123828
https://bugzilla.suse.com/1123832
SUSE Bug 1123832
https://www.suse.com/security/cve/CVE-2018-20748/
SUSE CVE CVE-2018-20748 page
https://www.suse.com/security/cve/CVE-2018-20749/
SUSE CVE CVE-2018-20749 page
https://www.suse.com/security/cve/CVE-2018-20750/
SUSE CVE CVE-2018-20750 page

Описание

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server 11 SP4:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Software Development Kit 11 SP4:LibVNCServer-devel-0.9.1-160.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-20748.html
CVE-2018-20748
https://bugzilla.suse.com/1120118
SUSE Bug 1120118
https://bugzilla.suse.com/1123823
SUSE Bug 1123823
https://bugzilla.suse.com/1155442
SUSE Bug 1155442

Описание

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server 11 SP4:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Software Development Kit 11 SP4:LibVNCServer-devel-0.9.1-160.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-20749.html
CVE-2018-20749
https://bugzilla.suse.com/1120117
SUSE Bug 1120117
https://bugzilla.suse.com/1123828
SUSE Bug 1123828
https://bugzilla.suse.com/1123832
SUSE Bug 1123832

Описание

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete.

Затронутые продукты

SUSE Linux Enterprise Point of Sale 11 SP3:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server 11 SP4:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Server for SAP Applications 11 SP4:LibVNCServer-0.9.1-160.9.1

SUSE Linux Enterprise Software Development Kit 11 SP4:LibVNCServer-devel-0.9.1-160.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-20750.html
CVE-2018-20750
https://bugzilla.suse.com/1120117
SUSE Bug 1120117
https://bugzilla.suse.com/1123832
SUSE Bug 1123832

SUSE-SU-2019:13952-1

Описание

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3

SUSE Linux Enterprise Server 11 SP4

SUSE Linux Enterprise Server for SAP Applications 11 SP4

SUSE Linux Enterprise Software Development Kit 11 SP4

Ссылки

Уязвимость: CVE-2018-20748

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2018-20749

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2018-20750

Описание

Затронутые продукты

Ссылки