libvncserver: CVE-2016-9942

Debian Bug report logs - #850008
libvncserver: CVE-2016-9942

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: libvncserver: CVE-2016-9942

Date: Tue, 03 Jan 2017 07:13:34 +0100

Source: libvncserver
Version: 0.9.10+dfsg-3
Severity: grave
Tags: security patch upstream
Justification: user security hole

Hi,

the following vulnerability was published for libvncserver.

CVE-2016-9942[0]:
| Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer
| before 0.9.11 allows remote servers to cause a denial of service
| (application crash) or possibly execute arbitrary code via a crafted
| FramebufferUpdate message with the Ultra type tile, such that the LZO
| payload decompressed length exceeds what is specified by the tile
| dimensions.

Fixing commit in [1].

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2016-9942
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9942
[1] https://github.com/LibVNC/libvncserver/pull/137/commits/5fff4353f66427b467eb29e5fdc1da4f2be028bb

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Message #14 received at 850008-submitter@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: control@bugs.debian.org

Cc: 850007-submitter@bugs.debian.org, 850008-submitter@bugs.debian.org

Subject: closing 850007, closing 850008

Date: Thu, 05 Jan 2017 07:35:07 +0100

close 850007 0.9.11+dfsg-1
close 850008 0.9.11+dfsg-1
thanks

Message #23 received at 850008-close@bugs.debian.org (full text, mbox, reply):

From: Peter Spiess-Knafl <dev@spiessknafl.at>

To: 850008-close@bugs.debian.org

Subject: Bug#850008: fixed in libvncserver 0.9.9+dfsg2-6.1+deb8u2

Date: Fri, 06 Jan 2017 21:17:30 +0000

Source: libvncserver
Source-Version: 0.9.9+dfsg2-6.1+deb8u2

We believe that the bug you reported is fixed in the latest version of
libvncserver, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 850008@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Peter Spiess-Knafl <dev@spiessknafl.at> (supplier of updated libvncserver package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 03 Jan 2017 09:41:51 +0100
Source: libvncserver
Binary: libvncclient0 libvncserver0 libvncserver-dev libvncserver-config libvncclient0-dbg libvncserver0-dbg linuxvnc
Architecture: source amd64
Version: 0.9.9+dfsg2-6.1+deb8u2
Distribution: stable
Urgency: high
Maintainer: Peter Spiess-Knafl <dev@spiessknafl.at>
Changed-By: Peter Spiess-Knafl <dev@spiessknafl.at>
Description:
 libvncclient0 - API to write one's own vnc server - client library
 libvncclient0-dbg - debugging symbols for libvncclient
 libvncserver-config - API to write one's own vnc server - library utility
 libvncserver-dev - API to write one's own vnc server - development files
 libvncserver0 - API to write one's own vnc server
 libvncserver0-dbg - debugging symbols for libvncserver
 linuxvnc   - VNC server to allow remote access to a tty
Closes: 850007 850008
Changes:
 libvncserver (0.9.9+dfsg2-6.1+deb8u2) jessie-security; urgency=high
 .
   * CVE-2016-9941 (Closes: #850007)
   * CVE-2016-9942 (Closes: #850008)
Checksums-Sha1:
 9caa759ebb3093e90184bf3c427d44fd4024c536 2112 libvncserver_0.9.9+dfsg2-6.1+deb8u2.dsc
 ff75c4a9dfab5eb7e3b2e1b5dcf4db968bf94b08 865281 libvncserver_0.9.9+dfsg2.orig.tar.gz
 3dc514212dc31a8b874b9fe18960787ed0fa29ea 29080 libvncserver_0.9.9+dfsg2-6.1+deb8u2.debian.tar.xz
 b0297074a8e2fd12c5c1b92f9c2e6ae40f4a0379 124740 libvncclient0_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 3316ecdc36182d62022852342bf3dbd6ad942620 191688 libvncserver0_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 8c50cd94f1ad9ef257016e76e77e4f5a47c25fd9 275526 libvncserver-dev_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 ad62d44ff841d9cf85f23459a3992bf2ba86ba80 90220 libvncserver-config_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 4cfe6a9223a47d7671fa605b17340b1f0b05a89c 182746 libvncclient0-dbg_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 e8cb7966ad93ef41d7a25443d3e30460af19b869 382596 libvncserver0-dbg_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 55ab6930dabed4705bd93ace67c49404a1ddb9c2 86312 linuxvnc_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
Checksums-Sha256:
 4626f3c40f9795ed177560dab3e6be397c8ed3c2acc2a4b5e5f239d3d3cc5008 2112 libvncserver_0.9.9+dfsg2-6.1+deb8u2.dsc
 9c61fd5c990e16d6aa41bcf5d0eed790a10f3547426fbad46ba145e9900601ed 865281 libvncserver_0.9.9+dfsg2.orig.tar.gz
 9b97718c8f288d9d7e8836b171fc05b494f94c150fe531e395ca41f6f910e926 29080 libvncserver_0.9.9+dfsg2-6.1+deb8u2.debian.tar.xz
 4f8b82e42167b51b4cf805f690ff1072980979397b8a1fbde00aa4c9483d4767 124740 libvncclient0_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 720ae4510be02f0c92ca61a4570ba4b87ade0b7cd2ef7f85eccebcdae47de8c7 191688 libvncserver0_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 c26f854c9a3dc14d975ddbab39e1468a5b5c0bb6156293bde4ee1de1b355535e 275526 libvncserver-dev_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 bdaa56c2f31cbc6d8a0acb0f320c9bb59cb5a72afb4672b2b24a7fda7962ee6c 90220 libvncserver-config_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 915963a4f082f3c215bf99fe26772ea402e8485931dd5d40a5af1abcf1a9d306 182746 libvncclient0-dbg_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 0b1d8d5cf49bee9452718730c64d5f8c4268d3825908bb9b2f92a4cf5597b44c 382596 libvncserver0-dbg_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 dc7aa528c958e47f7bf6c3320aa73ebb0342b46977f641e4966763ca87016bb5 86312 linuxvnc_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
Files:
 99df277c5dfaabd398576af3c7b34a13 2112 libs optional libvncserver_0.9.9+dfsg2-6.1+deb8u2.dsc
 3d208f2769778f0fa82ed734aecefb47 865281 libs optional libvncserver_0.9.9+dfsg2.orig.tar.gz
 6e13edd39ae2fac3c55c3b18ebfa72ce 29080 libs optional libvncserver_0.9.9+dfsg2-6.1+deb8u2.debian.tar.xz
 909db13f66a7a341b5c0a2a192f133b7 124740 libs optional libvncclient0_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 4d0f2abe0f8035f7cdf3b507f6f5fbd5 191688 libs optional libvncserver0_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 ab94d24fdbe75dd9bca27f2dd3e269e2 275526 libdevel optional libvncserver-dev_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 a04b6aeace860284911a4d88d5718333 90220 libdevel optional libvncserver-config_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 eba106d20addf996184019021b87d3fc 182746 debug extra libvncclient0-dbg_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 9c214e57649e72699b8349a353f65fd8 382596 debug extra libvncserver0-dbg_0.9.9+dfsg2-6.1+deb8u2_amd64.deb
 9bdf6a5f085e4682ca2a2f80fecf2ded 86312 net optional linuxvnc_0.9.9+dfsg2-6.1+deb8u2_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEAqSkbVtrXP4xJMh4EL6Jg/PVnWQFAlhuObkACgkQEL6Jg/PV
nWSyvQf/eCahPu32bXYxL8QnUR/deYWnjoJqlDP21uJn8ASZr50g9NCbbezZ+ykE
1N+ff7fiKwNLALrehgk2cA8j5AbrYh99kEJR6JDZfadr0r9sCxA7NTkdzMagzRCq
WjLxKRbZa1JGhZ8hkJ/r1kt1G2Axeafv/IfNDvb07xYpMEXfD7ZAUZh7kNbW3P/g
JTSFVf1gQaPUqzxlAFU0WpEyPhg3LGhx514oNb+dUl0DDEkjjjYCftSizPnwh4+r
SyPFaRXWfvDhimDngEu1oW4kCx3yz8IKYxXq0UWlmkOTEgdoA9stZGc8iCFdgO/Y
wIsSOIvnnDO8Y/H+5843bNNNgnW9Vg==
=zMa/
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.