-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 29 Mar 2018 22:55:20 +0530 Source: libvncserver Binary: libvncserver0 libvncserver-dev libvncserver-config libvncserver0-dbg linuxvnc Architecture: source amd64 Version: 0.9.9+dfsg-1+deb7u3 Distribution: wheezy-security Urgency: high Maintainer: Luca Falavigna <dktrkranz@debian.org> Changed-By: Abhijith PA <abhijith@disroot.org> Description: libvncserver-config - API to write one's own vnc server - library utility libvncserver-dev - API to write one's own vnc server - development files libvncserver0 - API to write one's own vnc server libvncserver0-dbg - debugging symbols for libvncserver linuxvnc - VNC server to allow remote access to a tty Closes: 894045 Changes: libvncserver (0.9.9+dfsg-1+deb7u3) wheezy-security; urgency=high . * Non-maintainer upload for the Debian LTS Team. * CVE-2018-7225: rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets (Closes: #894045) Checksums-Sha1: 788e3eb2d3f7da9e777ad43b9f290605027ddb53 2228 libvncserver_0.9.9+dfsg-1+deb7u3.dsc 3984f3f758684e984ee51e57aa5917b0fa58e4eb 18886 libvncserver_0.9.9+dfsg-1+deb7u3.debian.tar.gz 6ed6670944c3b8b5c0ed65f162a3f56aa67ffe57 280206 libvncserver0_0.9.9+dfsg-1+deb7u3_amd64.deb a5bedcdbb2a2085edda1bdaea760dcfd68f0d858 334528 libvncserver-dev_0.9.9+dfsg-1+deb7u3_amd64.deb 651d9fdb12c91dd4bd9133e6f3fcff420809eba8 75030 libvncserver-config_0.9.9+dfsg-1+deb7u3_amd64.deb 0c098719c69c5541405bfd9d82d51ad2d1e33c0b 595656 libvncserver0-dbg_0.9.9+dfsg-1+deb7u3_amd64.deb 843b4c1f8026beab569c1e66088b8a2fa1481e9a 87076 linuxvnc_0.9.9+dfsg-1+deb7u3_amd64.deb Checksums-Sha256: c89eb9bb73aa68a0b893c267fd554b53e45f1e2176ad5e70a4eaabb2e0a24a4b 2228 libvncserver_0.9.9+dfsg-1+deb7u3.dsc 7770369054c5a89ca3a265a06b56b632edababa7dc236c7ab52aa43981e65c9f 18886 libvncserver_0.9.9+dfsg-1+deb7u3.debian.tar.gz 24fea418e27ff98a1ef091f238c98cae2626929f994e82d5506f105a17fe43bb 280206 libvncserver0_0.9.9+dfsg-1+deb7u3_amd64.deb 3271239000e4b44ec20daff28a35b0d826f2ed321bdbcfd5990c6f98a852cde3 334528 libvncserver-dev_0.9.9+dfsg-1+deb7u3_amd64.deb c06ae9289a16ca0e1d8ed74fc1c8db3cd73fd10b047ade6bbf757f6f3454a48d 75030 libvncserver-config_0.9.9+dfsg-1+deb7u3_amd64.deb f672080d165761589cad2f0a97ff235cecf7faefe4958413246c87ee30223d8e 595656 libvncserver0-dbg_0.9.9+dfsg-1+deb7u3_amd64.deb 33f02ed853d622c095b2105fd8b2b260e627370a2b8ba4303492d8e70a8dbd3f 87076 linuxvnc_0.9.9+dfsg-1+deb7u3_amd64.deb Files: 551843d869476b33f2b11c2f331fdb56 2228 libs optional libvncserver_0.9.9+dfsg-1+deb7u3.dsc d430e1871b6be1364a4e080372969cdd 18886 libs optional libvncserver_0.9.9+dfsg-1+deb7u3.debian.tar.gz 435aef032b33b5bb847f0070d9ff030d 280206 libs optional libvncserver0_0.9.9+dfsg-1+deb7u3_amd64.deb 8aecd66b8baca9f9dfcf4bc2ccdb7616 334528 libdevel optional libvncserver-dev_0.9.9+dfsg-1+deb7u3_amd64.deb 80b2c14dc420eef4d56502cf6b12bc3d 75030 libdevel optional libvncserver-config_0.9.9+dfsg-1+deb7u3_amd64.deb 8a7e557d00d95e6a8d80b6a8545b9aad 595656 debug extra libvncserver0-dbg_0.9.9+dfsg-1+deb7u3_amd64.deb ac80fa65857040f91f7aae63b820879b 87076 net optional linuxvnc_0.9.9+dfsg-1+deb7u3_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEIvIyxrHg9L8rJgpqXpDc+pQmh28FAlq+eOEACgkQXpDc+pQm h28vCRAAoNnYuZ0coAH11zJxmtCHlyw/g5f2w9G2zCmF5TqVNeMBqk14YONPgC7p N1DPy6JpfNGSXmZ84e7HaeVoYeu0ZQapbgUwGoIOPM+i8AyE6FsEcJQ9Tzr3yFWN E5A4fL0qdRmpB1nkWtKsIVbA0sQLxXr8CCqRv3E71WBz8rVH1Et0TP9atgPwvkwE sX4qWunC5EtdiRy6Vl2iMyGChPoDHSgypH2LIQX3NWpxwmu5qJ5zqM95FUSAqC0z r/kzk+ZPjCzpCRmGVyus04vxCMh+Tz4Hi6yxQ8rNOwgt47YU3Js/KAXk7rees4Yh PsouzhQV8Lp9EHT9x9wApq5L83ZE1UcfQNNFWysF06YXetcXUGbpSkV9seNuw+eB F/vTTMLqwF+Yk23Z0A6XXKvqsJ87Klx7ja1vKqP+r341uLf/RGVEv7qoH3JUf/rB NMTmGUZf2LrwzAwc/b/LbYgM2rwEWgzH+RR7GZB7cVZm0SyQe4FDusGer8rnIbdK ntWSK3Rt13fcy1oiFTIMt0TkFOFp5W3rTsjzTU+a5XgVYSntE14NmJblzwjzDcTx Sn4kp1tZe0qTGaj0NAk0g3RQM2sd5ktjGed4PJGqfotrWYUbO+sF6Tg1POQUF+uy nrOUFzOTTbt8EJzKHxvz0MlPASuxuvb+OtYMQrv9jO+yTGzP1FY= =pKmy -----END PGP SIGNATURE-----
