Bug#1077822: neatvnc: CVE-2024-42458

To: submit@bugs.debian.org
Subject: Bug#1077822: neatvnc: CVE-2024-42458
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Fri, 2 Aug 2024 21:33:29 +0200
Message-id: <[🔎] Zq00idwUQOHu1fk1@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 1077822@bugs.debian.org

Source: neatvnc
X-Debbugs-CC: team@security.debian.org
Severity: grave
Tags: security

Hi,

The following vulnerability was published for neatvnc.

CVE-2024-42458[0]:
| server.c in Neat VNC (aka neatvnc) before 0.8.1 does not properly
| validate the security type.

https://www.openwall.com/lists/oss-security/2024/08/02/1


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-42458
    https://www.cve.org/CVERecord?id=CVE-2024-42458

Please adjust the affected versions in the BTS as needed.

Reply to:

Follow-Ups:
- Bug#1077822: marked as done (neatvnc: CVE-2024-42458)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Processing of yatex_1.82-3_source.changes
Next by Date: yatex_1.82-4_source.changes ACCEPTED into unstable
Previous by thread: Processing of yatex_1.82-3_source.changes
Next by thread: Bug#1077822: marked as done (neatvnc: CVE-2024-42458)
Index(es):
- Date
- Thread