Publishing details
Changelog
italc (1:3.0.3+dfsg1-3ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: merge security patches from debian for heap overflows
- debian/patches/libvncserver_CVE-2018-7225.patch: Uninitialized and
potentially sensitive data could be accessed by remote attackers because
the msg.cct.length in rfbserver.c was not sanitized.
- debian/patches/libvnc_server+client_CVE-2018-15127-CVE-2018-20019.patch:
heap out-of-bound write vulnerability.
- debian/patches/libvncclient_CVE-2018-20020.patch: heap out-of-bound
write vulnerability inside structure in VNC client code.
- debian/patches/libvncclient_CVE-2018-20021.patch: CWE-835: Infinite loop
vulnerability in VNC client code.
- debian/patches/libvncclient_CVE-2018-20022.patch: CWE-665: Improper
Initialization vulnerability.
- debian/patches/libvncclient_CVE-2018-20023.patch: Improper
Initialization vulnerability in VNC Repeater client code.
- debian/patches/libvncclient_CVE-2018-20024.patch: null pointer
dereference that can result DoS.
- debian/patches/libvncclient_CVE-2018-20748-1.patch: ignore server-sent
cut text longer than 1MB
- debian/patches/libvncclient_CVE-2018-20748-2.patch: ignore server-sent
reasong strings longer than 1MB
- debian/patches/libvncclient_CVE-2018-20748-3.patch: fail on server-sent
desktop name lengths longer than 1MB
- debian/patches/libvncclient_CVE-2018-20748-4.patch: remove now-useless
cast
- debian/patches/libvncserver_CVE-2018-20749.patch: incomplete fix for
CVE-2018-15127 oob heap writes.
- debian/patches/libvncserver_CVE-2018-20750.patch: incomplete fix for
CVE-2018-15127 oob heap writes.
- debian/patches/libvncserver_CVE-2019-15681.patch: rfbserver: don't leak
stack memory to the remote.
- CVE-2018-7225
- CVE-2018-15127
- CVE-2018-20019
- CVE-2018-20020
- CVE-2018-20021
- CVE-2018-20022
- CVE-2018-20023
- CVE-2018-20024
- CVE-2018-20748
- CVE-2018-20749
- CVE-2018-20750
- CVE-2019-15681
-- Mike Salvatore <email address hidden> Thu, 24 Sep 2020 11:19:00 -0400
Builds
Built packages
-
italc-client
intelligent Teaching And Learning with Computers - client
-
italc-client-dbgsym
debug symbols for italc-client
-
italc-management-console
intelligent Teaching And Learning with Computers - management console
-
italc-management-console-dbgsym
debug symbols for italc-management-console
-
italc-master
intelligent Teaching And Learning with Computers - master
-
italc-master-dbgsym
debug symbols for italc-master
-
libitalccore
intelligent Teaching And Learning with Computers - libraries
-
libitalccore-dbgsym
debug symbols for libitalccore
Package files