Accepted libvncserver 0.9.9+dfsg-1+deb7u2 (source amd64) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 03 Jan 2017 14:26:09 +0000
Source: libvncserver
Binary: libvncserver0 libvncserver-dev libvncserver-config libvncserver0-dbg linuxvnc
Architecture: source amd64
Version: 0.9.9+dfsg-1+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Luca Falavigna <dktrkranz@debian.org>
Changed-By: Chris Lamb <lamby@debian.org>
Description:
libvncserver-config - API to write one's own vnc server - library utility
libvncserver-dev - API to write one's own vnc server - development files
libvncserver0 - API to write one's own vnc server
libvncserver0-dbg - debugging symbols for libvncserver
linuxvnc - VNC server to allow remote access to a tty
Closes: 850007 850008
Changes:
libvncserver (0.9.9+dfsg-1+deb7u2) wheezy-security; urgency=high
.
* CVE-2016-9941: Fix a heap-based buffer overflow that allows remote servers
to cause a denial of service via a crafted FramebufferUpdate message
containing a subrectangle outside of the drawing area. (Closes: #850007)
* CVE-2016-9942: Fix a heap-based buffer overflow that allow remote servers
to cause a denial of service via a crafted FramebufferUpdate message with
the "Ultra" type tile such that the LZO decompressed payload exceeds the
size of the tile dimensions. (Closes: #850008)
Checksums-Sha1:
b1c04979f664f0a2212b9072d13201df340b3d19 2228 libvncserver_0.9.9+dfsg-1+deb7u2.dsc
753f8242b08a0bd263b8c6d0842752b85c2752c9 870165 libvncserver_0.9.9+dfsg.orig.tar.gz
856f8f0e9e60a97b050b98792e526a8c606a11c0 18166 libvncserver_0.9.9+dfsg-1+deb7u2.debian.tar.gz
4e65adfafaaeb647a7ad1d7581ea1de5aac8fc49 279740 libvncserver0_0.9.9+dfsg-1+deb7u2_amd64.deb
d757c7681bbb96caf65a3128eda381f17ace0b31 336090 libvncserver-dev_0.9.9+dfsg-1+deb7u2_amd64.deb
d97cd4e450f9b2c567b9363e477aec81b2432463 75136 libvncserver-config_0.9.9+dfsg-1+deb7u2_amd64.deb
4dbc7697a5ba9972873e63301b4c50fe990d726f 595710 libvncserver0-dbg_0.9.9+dfsg-1+deb7u2_amd64.deb
9724f55b360091e82e5d394d6d904090cea0c65d 87110 linuxvnc_0.9.9+dfsg-1+deb7u2_amd64.deb
Checksums-Sha256:
3d3de5b2e1598343a034e798712e1f39bcdf4b6d17aaf974507c5f81c28469d2 2228 libvncserver_0.9.9+dfsg-1+deb7u2.dsc
8586a0b6caa3ddb2efada804e888713232b2ced8e86a83b96b81c2016c387412 870165 libvncserver_0.9.9+dfsg.orig.tar.gz
5fc9736268fb942d72e06c4fce3a5b1b596d50685899d018b0baf99cddc20cba 18166 libvncserver_0.9.9+dfsg-1+deb7u2.debian.tar.gz
5b209330719f5d4acb2c9752deebcc188537dc9d9410a82ab6e0085e0301148c 279740 libvncserver0_0.9.9+dfsg-1+deb7u2_amd64.deb
53500003148eaa5c69b8876798a6a5f17f9e20998e9eb9c674d7ce9ad47c68bd 336090 libvncserver-dev_0.9.9+dfsg-1+deb7u2_amd64.deb
476a7c77995dcac6f1bc0e114a048566ca1fdd585bfb4617700d8440647f693e 75136 libvncserver-config_0.9.9+dfsg-1+deb7u2_amd64.deb
d7173013e351c25e6cded6cc599c435ef121da0e8a62ae16359e7046ac7c00fa 595710 libvncserver0-dbg_0.9.9+dfsg-1+deb7u2_amd64.deb
3fa436cd0faacafed3c99f1c028f5ffb0d5c0d02b1bb3958a40312b2e740d1d0 87110 linuxvnc_0.9.9+dfsg-1+deb7u2_amd64.deb
Files:
e39a016bcdafd12e2a94473347347212 2228 libs optional libvncserver_0.9.9+dfsg-1+deb7u2.dsc
2321da04142992da018a6176bcdf774e 870165 libs optional libvncserver_0.9.9+dfsg.orig.tar.gz
8ed390ddb37e8c54a7ee000291ef5e40 18166 libs optional libvncserver_0.9.9+dfsg-1+deb7u2.debian.tar.gz
8d61a0a20b8eb74d476788559e01c252 279740 libs optional libvncserver0_0.9.9+dfsg-1+deb7u2_amd64.deb
ea43e99a9c59ccca420ebcdd772199a4 336090 libdevel optional libvncserver-dev_0.9.9+dfsg-1+deb7u2_amd64.deb
e20d19a0a40500ac8a86678b3a0d3f15 75136 libdevel optional libvncserver-config_0.9.9+dfsg-1+deb7u2_amd64.deb
a36855fa4bdfbbab77f4246c19436674 595710 debug extra libvncserver0-dbg_0.9.9+dfsg-1+deb7u2_amd64.deb
e39a8dfb7d660f5de15ef39a5128a890 87110 net optional linuxvnc_0.9.9+dfsg-1+deb7u2_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhrx0EACgkQHpU+J9Qx
HliIQw/+NiLio8V4aQVBQFfxy0ChyVNAjoRTh39RV3dKKDLYoGCzePizgvvAekte
dG/e2Q9+G/65XvPFVsXxyITlgcecaaceD8I6JxFxcp4VmWnk9RQ6Uow5JyMmSiCA
jZjg4zfHGA/CkZk6vhMQ6DYuMbFPCckitM0GSaFrGmqDJSra/Gy+FjXvgyy3Tp/F
VhsuHfpbugVD9824JKM8jlc3c6b5le8NuTdDqDbZsedRv+fyh2Ce3bb+PvILU2IS
dzE2ZLkNzEZdMYiP7SNmqURREPP2u2n8qhSrO/wTYBCW3hXrFtzzsuwBHAEVCAUS
e9awnxzU2jPdIgV8fkpyy/B2xuIVrmf4/zAkqeqUq4PZGDYEomL5GlJICxUZdC5M
8rKp6ewNp+3R8CFHrs43RTn5T9hHWNPX3x0KFMQTthl74Ja+N8zio+vjVo1lHTfO
xOU5lwSalYqzUtF4puVWZb4r5A1d8O37rfnYdwDtQOXAgLnbEPomXX+ehFBcl1uC
KrgTDQIvZMq1Yuc8sjbZqQXHwN4RoPhBgs+qQ6n47M5Hmg61yIC4SPuDU2j4aOis
IFSMAqgezJHkqr03i3dReKgE9JCW/FluVKDg9X2GAwr2/3PmHmKjIYphJE5Jkv7+
S/1rnHouA/Y0HokUHkIOzKRavJfaFXfuBh8Jqw9OCERc7xw8pgs=
=9wSQ
-----END PGP SIGNATURE-----
Reply to: