MGASA-2020-0288

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0288.html

Import Source

https://advisories.mageia.org/MGASA-2020-0288.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2020-0288

Related

Published

2020-07-10T08:01:08Z

Modified

2020-07-10T07:29:14Z

Summary

Updated vino packages fix security vulnerability

Details

The updated package fixes security vulnerabilities: An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. (CVE-2020-14397) Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. (CVE-2020-14400) libvncserver/corre.c allows out-of-bounds access via encodings. (CVE-2020-14402) libvncserver/hextile.c allows out-of-bounds access via encodings. (CVE-2020-14403) An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings. (CVE-2020-14404)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

MGASA-2020-0288

Affected packages