Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted libvncserver 0.9.11+dfsg-1.3+deb10u4 (source) into proposed-updates->stable-new, proposed-updates
Date: Sat, 19 Sep 2020 17:32:07 +0000
Signed by: Mike Gabriel <sunweaver@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 28 Aug 2020 23:40:37 +0200
Source: libvncserver
Architecture: source
Version: 0.9.11+dfsg-1.3+deb10u4
Distribution: buster
Urgency: medium
Maintainer: Peter Spiess-Knafl <dev@spiessknafl.at>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Changes:
 libvncserver (0.9.11+dfsg-1.3+deb10u4) buster; urgency=medium
 .
   * CVE-2019-20839: libvncclient: bail out if unix socket name would overflow.
   * CVE-2020-14397: libvncserver: add missing NULL pointer checks.
   * CVE-2020-14399: libvncclient: fix pointer aliasing/alignment issue.
   * CVE-2020-14400: libvncserver: fix pointer aliasing/alignment issue.
   * CVE-2020-14401: libvncserver: scale: cast to 64 bit before shifting.
   * CVE-2020-14402, CVE-2020-14403, CVE-2020-14404: libvncserver: encodings:
     prevent OOB accesses.
   * CVE-2020-14405: libvncclient/rfbproto: limit max textchat size.
Checksums-Sha1:
 5fa63383961f62a963f3d624c337b1a0b1e8afb2 2467 libvncserver_0.9.11+dfsg-1.3+deb10u4.dsc
 6cf193a832fb2e9e144f5c38bff79ddcc0c59ac9 26148 libvncserver_0.9.11+dfsg-1.3+deb10u4.debian.tar.xz
 98ca1b4744d46ae309ffd373bf0b0677e2022697 7348 libvncserver_0.9.11+dfsg-1.3+deb10u4_source.buildinfo
Checksums-Sha256:
 9c041fc9ec0c988962887a156c936ee1dea6f5349e9b88da36c913abaf4e52ae 2467 libvncserver_0.9.11+dfsg-1.3+deb10u4.dsc
 dec5e960523e9aa7b5860549855ec107bb57d0959125396b9aa6f97ddc3de895 26148 libvncserver_0.9.11+dfsg-1.3+deb10u4.debian.tar.xz
 f135003d1127765fd2edd0801f0257a92717793416bd1a363ed8d273ac9ee526 7348 libvncserver_0.9.11+dfsg-1.3+deb10u4_source.buildinfo
Files:
 4c83af7e2b592913fdca2aaf94361809 2467 libs optional libvncserver_0.9.11+dfsg-1.3+deb10u4.dsc
 ef6fb66263216a8ae6d97fae1a10baa8 26148 libs optional libvncserver_0.9.11+dfsg-1.3+deb10u4.debian.tar.xz
 a5f8cb92fb75e19e2a66468221180156 7348 libs optional libvncserver_0.9.11+dfsg-1.3+deb10u4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl9JfIsVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxMNIP/12zQe8pSQSMmFI7zSOHpEaCpYRt
hTjI9uvxj9pICXR9ICuZPzIuJk3AU7ugVP7afbQVWkvDQe7T1gLR3VTtbEdC6dVg
NDCCC+pdZs4pRyAiRF2cKvFefZ2WxhV56/gwr8cfY46pjn49t1YLm0Mkis/Q6daj
DIgfKaqsJ3w44HENk2cfTOG5kCxNIa3ApuphNkDaA7S/X6U/9ynRBFYVfWpUjN7x
zwKBvfoWSh44K32nFTYKjXmlZLyvn2jn0/iakVh706Tc9STk1+eMIqPSlaxp/26e
TPvWKxoU7zvanWcC0EDPQ7Pq3UuoJDT4KvuZKI6E8ZkH3pNOFmCk7wXiUUX09chl
evaeUkG+yrQa+YEpr4LJ/6XWOU2doWeFU+/PzxHNwriKqvsEghGiJJSi0sqpmRhv
42SkpbnaTVGu03vuyXtWrAwk644o25xsM8TeFPSQc4LJUoqCpIoHFHDM/Be7x26P
Na8y2/UYMMxJHGdbCEz5Q8o4Ctx1HmMpWOHYCGSrXUYi1zW5um/FgwCo7PAXuOhK
tFXOacEWcwIM94XYrjlhwOurtmCDd81WbuKLHh9TEzGrhzOXJwydCqqssHN5j4qD
OK01wpXpMOGt05AXZAgEQ+BAZtDaoPZY1lShAekGCUCDM75NYdF7FDC0z65WC0Bp
CgwgYQHcVgqrtGXQ
=LL8G
-----END PGP SIGNATURE-----

News for package libvncserver