-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 05 Jun 2018 14:43:47 +0200 Source: libvncserver Binary: libvncclient1 libvncserver1 libvncserver-dev libvncserver-config libvncclient1-dbg libvncserver1-dbg Architecture: source amd64 Version: 0.9.11+dfsg-1+deb9u1 Distribution: stretch-security Urgency: high Maintainer: Peter Spiess-Knafl <dev@spiessknafl.at> Changed-By: Markus Koschany <apo@debian.org> Description: libvncclient1 - API to write one's own VNC server - client library libvncclient1-dbg - debugging symbols for libvncclient libvncserver-config - API to write one's own VNC server - library utility libvncserver-dev - API to write one's own VNC server - development files libvncserver1 - API to write one's own VNC server libvncserver1-dbg - debugging symbols for libvncserver Closes: 894045 Changes: libvncserver (0.9.11+dfsg-1+deb9u1) stretch-security; urgency=high . * Non-maintainer upload. * Fix CVE-2018-7225: Uninitialized and potentially sensitive data could be accessed by remote attackers because the msg.cct.length in rfbserver.c was not sanitized. (Closes: #894045) Checksums-Sha1: d61561702a566a06def1535ad2ed988bff1fb082 2577 libvncserver_0.9.11+dfsg-1+deb9u1.dsc bd42abab1860bd92890b580453d9865fc9d8e229 525748 libvncserver_0.9.11+dfsg.orig.tar.gz cf342155af44b53cfaa65900b1875fac872c63c7 13460 libvncserver_0.9.11+dfsg-1+deb9u1.debian.tar.xz b4c9dfb2d4d263ee019e86c05a05a6f14d4ba408 219782 libvncclient1-dbg_0.9.11+dfsg-1+deb9u1_amd64.deb 6b0f2390f9e7f6cbd08d254251c7f3fac1082b46 140254 libvncclient1_0.9.11+dfsg-1+deb9u1_amd64.deb 5131495416fedb99b0a3b6f14480aa667826deff 108338 libvncserver-config_0.9.11+dfsg-1+deb9u1_amd64.deb 4b8b71bb4d0649bc0187565bf1f0d0c5d86d7f7b 295712 libvncserver-dev_0.9.11+dfsg-1+deb9u1_amd64.deb 7b071ff1b253193942763407204d124bc72915cb 459548 libvncserver1-dbg_0.9.11+dfsg-1+deb9u1_amd64.deb 205d12f4aee741eaceeffd706671ef00f92a2511 208712 libvncserver1_0.9.11+dfsg-1+deb9u1_amd64.deb 1a5f4a99e566052c29a0299d8584f03f8f0ce382 8384 libvncserver_0.9.11+dfsg-1+deb9u1_amd64.buildinfo Checksums-Sha256: d7dbcf9b7ed0711880cc24ecc1a434052d704f0459c2cd81284b21c869599248 2577 libvncserver_0.9.11+dfsg-1+deb9u1.dsc ea27be2b923cc5e89fb2d93415fdc2373c90cdd2379cf9c671fa234482c69509 525748 libvncserver_0.9.11+dfsg.orig.tar.gz aaec034b52b96969178f843602ad0e9133ba63a55ae8a8fa6f6be887ff39719b 13460 libvncserver_0.9.11+dfsg-1+deb9u1.debian.tar.xz bfc28b5178f19798f44cca0eb32c5b7ce972daa76865cd1fe89c2493b9ad242e 219782 libvncclient1-dbg_0.9.11+dfsg-1+deb9u1_amd64.deb b5cedece3632ee730dd06e6e548bb3300dd24742304075275d6170e1d61ee47a 140254 libvncclient1_0.9.11+dfsg-1+deb9u1_amd64.deb b2dcc9f5e88dba25c4a9b5308e8b1566bc06fde1c03b6483c5a304fa33a70e84 108338 libvncserver-config_0.9.11+dfsg-1+deb9u1_amd64.deb 80e8846ce7de50c6553eb4f1a10fb9d760af354223b5c0220246b14ccac51f76 295712 libvncserver-dev_0.9.11+dfsg-1+deb9u1_amd64.deb e0233fd91504725739dfd639894b4e75928805391693fd89ea4b860beb16c7a9 459548 libvncserver1-dbg_0.9.11+dfsg-1+deb9u1_amd64.deb eb8dcd91be95d41e54c980e4d98100de171c29d138716201adf5c4164e69abab 208712 libvncserver1_0.9.11+dfsg-1+deb9u1_amd64.deb 1fd0936961d78821abfe298014d0d9ca3a9dcec50775bb04b9e591a9eeb25a93 8384 libvncserver_0.9.11+dfsg-1+deb9u1_amd64.buildinfo Files: 66e736e3f02a336259f7a44439ce22a1 2577 libs optional libvncserver_0.9.11+dfsg-1+deb9u1.dsc 192d76504c82a2b6a1a0eb979b2b0733 525748 libs optional libvncserver_0.9.11+dfsg.orig.tar.gz fdb3b661b4694ed08af5251c3bb33532 13460 libs optional libvncserver_0.9.11+dfsg-1+deb9u1.debian.tar.xz f0ea8d85c47e12474b2a0e51ce4ba53b 219782 debug extra libvncclient1-dbg_0.9.11+dfsg-1+deb9u1_amd64.deb f886cec7db412c7585c6f0215caf702d 140254 libs optional libvncclient1_0.9.11+dfsg-1+deb9u1_amd64.deb 5e0d9859740468b3d2653f0565378084 108338 libdevel optional libvncserver-config_0.9.11+dfsg-1+deb9u1_amd64.deb b2a953825313ee1f7cc3e8c056f7a495 295712 libdevel optional libvncserver-dev_0.9.11+dfsg-1+deb9u1_amd64.deb 71f7d9f17677e24e4dcafbe6b9d26e81 459548 debug extra libvncserver1-dbg_0.9.11+dfsg-1+deb9u1_amd64.deb 9eb4e9f07f1fd1c81b805b003a2ed3b8 208712 libs optional libvncserver1_0.9.11+dfsg-1+deb9u1_amd64.deb 23ee7c61a0f3ff66dcbcceeaa9bb1411 8384 libs optional libvncserver_0.9.11+dfsg-1+deb9u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlsYMENfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk+9cP/3ZhpQr/xdyfjiu4BkooDoQJhbKnGRRU86s2 dEjKArqIAxCvbNach/gGVmXOLqjJmWbCs5O+M6aNikxKDFgecq9gLQq2qelRzyb1 Zshwj32A/ZRdQ3DqhIGGDOCDGkJ3HBrR1F4kLhi4hw2HNMpiQXKc9kepIYOvIdMH MaCm4rCk7KDyZ1MhKAH/wdvHsGMdKDZ+mPCOCU/zIIvj26RsM8E11O8nRSkSWmr5 cVH/GlcAo7NvW6Z7hLDC407pANJBp0t2PemdLZYshbg/XuMsJmoJDypqeS2eJCnh fHqas4aWiHSWKEgmvhpdDaNfNHvkay64vfOEJpSTWMgktvL3ZPMxiLOxAnAssXHC 1z4e0X5zDgG8+Z7n782ttcHgdQDl5kiU3gCLn7VHVaUgMnOL0+42WuEk5jLnT9q8 aqVN5+9lWx60XurGFNzSPUWcay5p8xKVehpL4/SLin1s0InzEIy1AKrgWS+0c3u7 4r93BRVEKRajjjw2X19F7To26+6QSkI5nh0SQaMKblOLoAqWsYUgXlwLm2Xnhnw3 AWMHK4k0oJEoC2lmox1AZc0bQxSiXKpyFOtSN2c/5TMgaP4rMpFrVFYS5FCHKbKk ft8s2tJQi02G+ICmXQ6nu3RkuTKE0vOv6YQIV7tjoHB+qu0ozxQf94yWvQGU7Xlo 01Ia/ixE =xgfu -----END PGP SIGNATURE-----