--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-37112ac660
2020-07-15 01:10:27.345442
--------------------------------------------------------------------------------
Name : libvncserver
Product : Fedora 31
Version : 0.9.13
Release : 2.fc31
URL :
http://libvnc.github.io/
Summary : Library to make writing a VNC server easy
Description :
LibVNCServer makes writing a VNC server (or more correctly, a program exporting
a frame-buffer via the Remote Frame Buffer protocol) easy.
It hides the programmer from the tedious task of managing clients and
compression schemata.
--------------------------------------------------------------------------------
Update Information:
New upstream bugfix and security release.
--------------------------------------------------------------------------------
ChangeLog:
* Thu Jul 2 2020 Rex Dieter <rdieter(a)fedoraproject.org> - 0.9.13-2
- tls patches rebased
* Thu Jul 2 2020 Rex Dieter <rdieter(a)fedoraproject.org> - 0.9.13-1
- 0.9.13
- FIXME/TODO: tls patches need rebasing, work-in-progress
* Tue Feb 11 2020 S��rgio Basto <sergio(a)serjux.com> - 0.9.12-1
- Update to 0.9.12
* Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org> - 0.9.11-11
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1849877 - CVE-2019-20839 libvncserver: "ConnectClientToUnixSock()"
buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1849877
[ 2 ] Bug #1849886 - CVE-2018-21247 libvncserver: uninitialized memory contents are
vulnerable to Information Leak
https://bugzilla.redhat.com/show_bug.cgi?id=1849886
[ 3 ] Bug #1852356 - CVE-2017-18922 libvncserver: websocket decoding buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1852356
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-37112ac660' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------