[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fwd: Re: Bug#1007239: tightvnc: CVE-2022-23967 - overflow in vncviewer, possible duplicate report of CVE-2019-15679

Hi Sven,

On Fri, Apr 08, 2022 at 09:56:41PM +0200, Sven Geuer wrote:
> Hello Debian Security Team,
> 
> CVE-2022-23967 is still in status 'undetermined' although it has been
> worked on Bug#1007239 with the result of tightvnc not being vulnerable.
> For details see [1] and [2] or the email forward below.
> 
> Please update the status of CVE-2022-23967 to reflect the result.
> 
> Let me know if more is needed as for my part.

Yes right saw this and unfortunately I did not got a sensible answer
from the reporter at
https://github.com/MaherAzzouzi/CVE-2022-23967/issues/3 to understand
if the CVE is covering a diferent aspect.

So let's bite the bullet and mark it accordingly.

Regards,
Salvatore
Reply to: