libvncserver (0.9.9+dfsg-1ubuntu1.3) trusty-security; urgency=medium * SECURITY UPDATE: integer overflow or memory access - debian/patches/CVE-2018-7225.patch: limit client cut text length to 1 MB in libvncserver/rfbserver.c. - CVE-2018-7225 -- Marc Deslauriers <email address hidden> Fri, 30 Mar 2018 10:46:20 -0400