Bug#954163: libvncserver: CVE-2019-15690

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#954163: libvncserver: CVE-2019-15690
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Tue, 17 Mar 2020 16:58:04 +0100
Message-id: <[🔎] 158446068404.3591319.15604601030619593178.reportbug@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 954163@bugs.debian.org

Source: libvncserver
Version: 0.9.12+dfsg-8
Severity: important
Tags: security upstream
Forwarded: https://github.com/LibVNC/libvncserver/issues/381

Hi,

The following vulnerability was published for libvncserver.

CVE-2019-15690[0].

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-15690
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690
[1] https://www.openwall.com/lists/oss-security/2019/12/20/2
[2] https://github.com/LibVNC/libvncserver/issues/381
[3] https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Reply to:

Follow-Ups:
- Processed: Bug#954163 marked as pending in libvncserver
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>
- Bug#954163: marked as done (libvncserver: CVE-2019-15690)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: x2goclient_4.1.2.2-2_source.changes ACCEPTED into unstable
Next by Date: Processed: found 954163 in 0.9.11+dfsg-1.3+deb10u2, found 954163 in 0.9.11+dfsg-1.3~deb9u3 ...
Previous by thread: x2goclient_4.1.2.2-2_source.changes ACCEPTED into unstable
Next by thread: Processed: Bug#954163 marked as pending in libvncserver
Index(es):
- Date
- Thread