-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 30 Jan 2019 22:39:15 +0100 Source: libvncserver Binary: libvncclient1 libvncclient1-dbg libvncserver-config libvncserver-dev libvncserver1 libvncserver1-dbg Architecture: source Version: 0.9.11+dfsg-1.3 Distribution: unstable Urgency: medium Maintainer: Peter Spiess-Knafl <dev@spiessknafl.at> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Closes: 920941 Description: libvncclient1 - API to write one's own VNC server - client library libvncclient1-dbg - debugging symbols for libvncclient libvncserver-config - API to write one's own VNC server - library utility libvncserver-dev - API to write one's own VNC server - development files libvncserver1 - API to write one's own VNC server libvncserver1-dbg - debugging symbols for libvncserver Changes: libvncserver (0.9.11+dfsg-1.3) unstable; urgency=medium . * Non-maintainer upload. * LibVNCClient: ignore server-sent cut text longer than 1MB (CVE-2018-20748) (Closes: #920941) * LibVNCClient: ignore server-sent reason strings longer than 1MB (CVE-2018-20748) (Closes: #920941) * LibVNCClient: fail on server-sent desktop name lengths longer than 1MB (CVE-2018-20748) (Closes: #920941) * LibVNCClient: remove now-useless cast (CVE-2018-20748) (Closes: #920941) * Error out in rfbProcessFileTransferReadBuffer if length can not be allocated (CVE-2018-20749) (Closes: #920941) * Limit lenght to INT_MAX bytes in rfbProcessFileTransferReadBuffer() (CVE-2018-20750) (Closes: #920941) Checksums-Sha1: 1283eac81fef47ad3c3459d2ca21aa66eacbbe92 2561 libvncserver_0.9.11+dfsg-1.3.dsc 00a01dbd9737965ad9d3e045a241c5712ab15ece 21212 libvncserver_0.9.11+dfsg-1.3.debian.tar.xz Checksums-Sha256: f3f01f4d3e5dbc6eae9b067c5972de27b027f4457c5fb62b9bf9bd4c078479fb 2561 libvncserver_0.9.11+dfsg-1.3.dsc fcbb00848a548f15e151b293639cd1576591d894b7101682c659f36cf78e8bf7 21212 libvncserver_0.9.11+dfsg-1.3.debian.tar.xz Files: 8f6fae2c32e0b79d54fb4ccd40b7bea0 2561 libs optional libvncserver_0.9.11+dfsg-1.3.dsc b6cc75c50051e2efd0d4620cd9f2d5a9 21212 libs optional libvncserver_0.9.11+dfsg-1.3.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAlxSG8FfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EJ1MP/2ztoxqoW9o20EylfmjiyCuzVwj3f32U YY8RxDaipXvqXgGWB4O9LmJffFAE3ENYG1yVXUpGPvZ/UpUniAe9pE5HC0pBdD1q JDZguJl4F/u+JMA8/kjzGmcnrldtVslpdYAu0zTcwJSjo3xzFeBDW1rF0Sq3ast7 v8XUWiiUiLnIB6Hy+6DqZWc7wfb+GF8F/OAhVYsgJhKRodTtrVBzsXRWbhnPs5lR wjiM+mejmDDT9uczU0EWH+T0s2vsZO6Vhls8dHhhLnEp/tkNa4fINItzvICD44iY k9cqWf9coREeT1z3VIEjmcCiFbWVc1RtTMmfsyjWkEluxY4+l25p4JVD9x1qgTCd YcPpopBScAcm92B7KW4GvpnoAtxf1WLv1xqs7Hj9JsnMKhQe8sM95O8rfqwjbaAE lEMmSPALJ5UVR74cdFOJjveSlylkePVKQUIJWLXesdbCBz8A+ItJzMckFBZ530OH jWV2RCSjcDQAEIFVFfi43YYMB5Dt/kiY2728FQlSDGXQJtvg8+8xlrW5lNeJYhWe NbxnqY514DzZNBVnfXDBNiMeANnbnrmBNr8kJEHWXjnz1oY1o60wDzvKjGZQSN5i 8XD2Sr1sujKsXtq8J0R0aAv2sB11FrxYUIupHKkJY/+BnBZR0fLzvLEitC84SfGF eFd2Q7rS5DuV =/V4/ -----END PGP SIGNATURE-----
