Debian Package Tracker - libvncserver

general

source: libvncserver (main)
version: 0.9.11+dfsg-1.2
maintainer: Peter Spiess-Knafl [DMD]
arch: any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.9.9+dfsg-1+deb7u1
o-o-sec: 0.9.9+dfsg-1+deb7u3
oldstable: 0.9.9+dfsg2-6.1+deb8u3
old-sec: 0.9.9+dfsg2-6.1+deb8u4
stable: 0.9.11+dfsg-1+deb9u1
stable-sec: 0.9.11+dfsg-1+deb9u1
testing: 0.9.11+dfsg-1.2
unstable: 0.9.11+dfsg-1.2

versioned links

0.9.9+dfsg-1+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.9+dfsg-1+deb7u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.9+dfsg2-6.1+deb8u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.9+dfsg2-6.1+deb8u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.11+dfsg-1+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.11+dfsg-1.2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libvncclient1
libvncclient1-dbg
libvncserver-config
libvncserver-dev
libvncserver1
libvncserver1-dbg

action needed

A new upstream version is available: 0.9.12 high

A new upstream version 0.9.12 is available, you should consider packaging it.

Created: 2019-01-10 Last update: 2019-01-21 19:17

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: repository 'https://anonscm.debian.org/git/collab-maint/libvncserver.git/' not found

Created: 2018-05-31 Last update: 2019-01-21 01:32

9 security issues in stretch high

There are 9 open security issues in stretch.

9 important issues:

CVE-2018-20024: LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
CVE-2018-6307: LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.
CVE-2018-20021: LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM
CVE-2018-20023: LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and in bypassing ASLR
CVE-2018-20022: LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and in bypassing ASLR
CVE-2018-20019: LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution
CVE-2018-15127: LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution
CVE-2018-20020: LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution
CVE-2018-15126: LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution

Please fix them.

Created: 2018-12-20 Last update: 2019-01-17 06:33

lintian reports 2 errors and 7 warnings high

Lintian reports 2 errors and 7 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2016-01-25 Last update: 2019-01-16 09:14

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 3.9.8).

Created: 2018-03-31 Last update: 2019-01-15 05:15

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-10-01 Last update: 2019-01-21 22:09

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2019-01-12 Last update: 2019-01-21 21:06

news

[rss feed]

[2019-01-17] libvncserver 0.9.11+dfsg-1.2 MIGRATED to testing (Debian testing watch)
[2019-01-14] Accepted libvncserver 0.9.11+dfsg-1.2 (source) into unstable (Salvatore Bonaccorso)
[2018-12-25] Accepted libvncserver 0.9.9+dfsg2-6.1+deb8u4 (source amd64) into oldstable (Abhijith PA)
[2018-06-12] Accepted libvncserver 0.9.11+dfsg-1+deb9u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Markus Koschany)
[2018-06-12] Accepted libvncserver 0.9.9+dfsg2-6.1+deb8u3 (source amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Markus Koschany)
[2018-06-12] libvncserver 0.9.11+dfsg-1.1 MIGRATED to testing (Debian testing watch)
[2018-06-09] Accepted libvncserver 0.9.11+dfsg-1.1 (source) into unstable (Markus Koschany)
[2018-06-08] Accepted libvncserver 0.9.11+dfsg-1+deb9u1 (source amd64) into stable->embargoed, stable (Markus Koschany)
[2018-06-08] Accepted libvncserver 0.9.9+dfsg2-6.1+deb8u3 (source amd64) into oldstable->embargoed, oldstable (Markus Koschany)
[2018-03-30] Accepted libvncserver 0.9.9+dfsg-1+deb7u3 (source amd64) into oldoldstable (Abhijith PA) (signed by: Ola Lundqvist)
[2018-03-30] Accepted libvncserver 0.9.9+dfsg-1+deb7u3 (source amd64) into oldoldstable (Abhijith PA) (signed by: Ola Lundqvist)
[2017-01-07] libvncserver 0.9.11+dfsg-1 MIGRATED to testing (Debian testing watch)
[2017-01-06] Accepted libvncserver 0.9.9+dfsg2-6.1+deb8u2 (source amd64) into proposed-updates->stable-new, proposed-updates (Peter Spiess-Knafl) (signed by: Sebastien Delafond)
[2017-01-04] Accepted libvncserver 0.9.11+dfsg-1 (source amd64) into unstable (Peter Spiess-Knafl)
[2017-01-03] Accepted libvncserver 0.9.9+dfsg-1+deb7u2 (source amd64) into oldstable (Chris Lamb)
[2016-01-04] Accepted libvncserver 0.9.7-2+deb6u2 (source amd64) into squeeze-lts (Mike Gabriel)
[2015-06-17] libvncserver 0.9.10+dfsg-3 MIGRATED to testing (Britney)
[2015-06-11] Accepted libvncserver 0.9.10+dfsg-3 (source amd64) into unstable (Peter Spiess-Knafl)
[2015-06-01] libvncserver 0.9.10+dfsg-2 MIGRATED to testing (Britney)
[2015-05-27] Accepted libvncserver 0.9.9+dfsg2-6.1+deb8u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Peter Spiess-Knafl)
[2015-05-25] Accepted libvncserver 0.9.10+dfsg-2 (source amd64) into unstable (Peter Spiess-Knafl)
[2015-04-14] Accepted libvncserver 0.9.7-2+deb6u1 (source amd64) into squeeze-lts (Nguyen Cong) (signed by: Raphaël Hertzog)
[2015-02-11] Accepted libvncserver 0.9.10+dfsg-1 (source amd64) into experimental, experimental (Peter Spiess-Knafl) (signed by: Luca Falavigna)
[2014-12-08] Accepted libvncserver 0.9.9+dfsg-1+deb7u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Tobias Frost)
[2014-12-04] libvncserver 0.9.9+dfsg-6.1 MIGRATED to testing (Britney)
[2014-11-28] Accepted libvncserver 0.9.9+dfsg-6.1 (source amd64) into unstable (Tobias Frost)
[2014-08-18] libvncserver 0.9.9+dfsg-6 MIGRATED to testing (Britney)
[2014-08-12] Accepted libvncserver 0.9.9+dfsg-6 (source) into unstable (Luca Falavigna)
[2014-05-07] libvncserver 0.9.9+dfsg-5 MIGRATED to testing (Debian testing watch)
[2014-05-01] Accepted libvncserver 0.9.9+dfsg-5 (source amd64) (Luca Falavigna)

bugs [bug history graph]

all: 3
RC: 0
I&N: 3
M&W: 0
F&P: 0
patch: 1

links

homepage
lintian (2, 7)
buildd: logs, clang, reproducibility
popcon
debci
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.9.11+dfsg-1.2
3 bugs