tigervnc: CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396


Debian Bug report logs - #859259


Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sat, 1 Apr 2017 10:21:01 UTC

Severity: grave

Tags: patch, security, upstream

Found in version tigervnc/1.7.0+dfsg-6

Fixed in version tigervnc/1.7.0+dfsg-7

Done: Yaroslav Halchenko <debian@onerussian.com>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, TigerVNC Packaging Team <pkg-tigervnc-devel@lists.alioth.debian.org>:
Bug#859259; Package src:tigervnc. (Sat, 01 Apr 2017 10:21:04 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, TigerVNC Packaging Team <pkg-tigervnc-devel@lists.alioth.debian.org>. (Sat, 01 Apr 2017 10:21:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: tigervnc: CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396
Date: Sat, 01 Apr 2017 12:17:53 +0200
Source: tigervnc
Version: 1.7.0+dfsg-6
Severity: grave
Tags: patch security upstream
Justification: user security hole

Hi,

the following vulnerabilities were published for tigervnc.

CVE-2017-7392[0]:
| In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx
| SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can
| cause a small memory leak in the server.

CVE-2017-7393[1]:
| In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an
| authenticated client can cause a double free, leading to denial of
| service or potentially code execution.

CVE-2017-7394[2]:
| In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg),
| unauthenticated users can crash the server by sending long usernames.

CVE-2017-7395[3]:
| In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by
| causing an integer overflow, an authenticated client can crash the
| server.

CVE-2017-7396[4]:
| In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an
| unauthenticated client can cause a small memory leak in the server.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-7392
[1] https://security-tracker.debian.org/tracker/CVE-2017-7393
[2] https://security-tracker.debian.org/tracker/CVE-2017-7394
[3] https://security-tracker.debian.org/tracker/CVE-2017-7395
[4] https://security-tracker.debian.org/tracker/CVE-2017-7396

Regards,
Salvatore



Reply sent to Yaroslav Halchenko <debian@onerussian.com>:
You have taken responsibility. (Sun, 09 Apr 2017 15:21:10 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 09 Apr 2017 15:21:10 GMT)


Message #10 received at 859259-close@bugs.debian.org:

From: Yaroslav Halchenko <debian@onerussian.com>
To: 859259-close@bugs.debian.org
Subject: Bug#859259: fixed in tigervnc 1.7.0+dfsg-7
Date: Sun, 09 Apr 2017 15:19:33 +0000
Source: tigervnc
Source-Version: 1.7.0+dfsg-7

We believe that the bug you reported is fixed in the latest version of
tigervnc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 859259@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Yaroslav Halchenko <debian@onerussian.com> (supplier of updated tigervnc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 09 Apr 2017 10:38:13 -0400
Source: tigervnc
Binary: tigervnc-common tigervnc-scraping-server tigervnc-standalone-server tigervnc-xorg-extension tigervnc-viewer
Architecture: source amd64
Version: 1.7.0+dfsg-7
Distribution: unstable
Urgency: high
Maintainer: TigerVNC Packaging Team <pkg-tigervnc-devel@lists.alioth.debian.org>
Changed-By: Yaroslav Halchenko <debian@onerussian.com>
Description:
 tigervnc-common - Virtual network computing; Common software needed by servers
 tigervnc-scraping-server - Virtual network computing server performing X screen scraping
 tigervnc-standalone-server - Standalone virtual network computing server
 tigervnc-viewer - Virtual network computing client for X
 tigervnc-xorg-extension - Virtual network computing X server extension
Closes: 858048 859141 859259
Changes:
 tigervnc (1.7.0+dfsg-7) unstable; urgency=high
 .
   [ Joachim Falk ]
   * Fixed the following security vulnerabilities (Closes: #859259):
   - Fix SSecurityVeNCrypt.cxx; SSecurityVeNCrypt::SSecurityVeNCrypt.
     An unauthenticated client can cause a small memory leak in the server.
     (CVE-2017-7392)
   - Fix VNCSConnectionST.cxx VNCSConnectionST::fence. An authenticated client
     can cause a double free, leading to denial of service or potentially code
     execution. (CVE-2017-7393)
   - Fix SSecurityPlain.cxx SSecurityPlain::processMsg. Unauthenticated
     users can crash the server by sending long usernames. (CVE-2017-7394)
   - Fix SMsgReader.cxx SMsgReader::readClientCutText. An authenticated client
     can crash the server by causing an integer overflow. (CVE-2017-7395)
   - Fix CConnection.cxx CConnection::CConnection. An unauthenticated client
     can cause a small memory leak in the server. (CVE-2017-7396)
   * The tigervncserver wrapper script gives up and kills the server it
     just started if it doesn't have its VNC-TCP and X11-unix sockets up and
     running within a second. However, if a machine is a bit bogged down,
     this can prevent starting the server at all, for no good reason.
     Thus, the timeout has been increased to 30 seconds. (Closes: #859141)
   * Refreshed dependencies for Xtigervnc server build from xorg-server-1.19.2
     used in stretch. (Closes: #858048)
Checksums-Sha1:
Checksums-Sha256:
Files:





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 10 May 2017 07:27:35 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:52:10 2019; Machine Name: buxtehude
