[SECURITY] Fedora 31 Update: libvncserver-0.9.13-2.fc31

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2020-37112ac660 2020-07-15 01:10:27.345442 -------------------------------------------------------------------------------- Name : libvncserver Product : Fedora 31 Version : 0.9.13 Release : 2.fc31 URL : http://libvnc.github.io/ Summary : Library to make writing a VNC server easy Description : LibVNCServer makes writing a VNC server (or more correctly, a program exporting a frame-buffer via the Remote Frame Buffer protocol) easy. It hides the programmer from the tedious task of managing clients and compression schemata. -------------------------------------------------------------------------------- Update Information: New upstream bugfix and security release. -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 2 2020 Rex Dieter <rdieter(a)fedoraproject.org&gt; - 0.9.13-2 - tls patches rebased * Thu Jul 2 2020 Rex Dieter <rdieter(a)fedoraproject.org&gt; - 0.9.13-1 - 0.9.13 - FIXME/TODO: tls patches need rebasing, work-in-progress * Tue Feb 11 2020 S��rgio Basto <sergio(a)serjux.com&gt; - 0.9.12-1 - Update to 0.9.12 * Wed Jan 29 2020 Fedora Release Engineering <releng(a)fedoraproject.org&gt; - 0.9.11-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild -------------------------------------------------------------------------------- References: [ 1 ] Bug #1849877 - CVE-2019-20839 libvncserver: "ConnectClientToUnixSock()" buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1849877 [ 2 ] Bug #1849886 - CVE-2018-21247 libvncserver: uninitialized memory contents are vulnerable to Information Leak https://bugzilla.redhat.com/show_bug.cgi?id=1849886 [ 3 ] Bug #1852356 - CVE-2017-18922 libvncserver: websocket decoding buffer overflow https://bugzilla.redhat.com/show_bug.cgi?id=1852356 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-37112ac660' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------