Ubuntu
libvncserver package

Change logs for libvncserver source package in Cosmic

Cosmic (18.10)
Change log

libvncserver (0.9.11+dfsg-1.1ubuntu0.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-2018-*.patch: add upstream commits to fix
      multiple security issues.
    - debian/libvncserver1.symbols: updated for new symbols.
    - CVE-2018-6307, CVE-2018-15126, CVE-2018-15127, CVE-2018-20019,
      CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20023,
      CVE-2018-20024, CVE-2018-20748, CVE-2018-20749, CVE-2018-20750

 -- Marc Deslauriers <email address hidden>  Wed, 30 Jan 2019 13:18:06 -0500

libvncserver (0.9.11+dfsg-1.1) unstable; urgency=high

  * Non-maintainer upload.
  * Fix CVE-2018-7225: Uninitialized and potentially sensitive data could be
    accessed by remote attackers because the msg.cct.length in rfbserver.c was
    not sanitized. (Closes: #894045)

 -- Markus Koschany <email address hidden>  Tue, 05 Jun 2018 14:43:47 +0200

libvncserver (0.9.11+dfsg-1ubuntu1) bionic; urgency=medium

  * SECURITY UPDATE: integer overflow or memory access
    - debian/patches/CVE-2018-7225.patch: limit client cut text length to
      1 MB in libvncserver/rfbserver.c.
    - CVE-2018-7225

 -- Marc Deslauriers <email address hidden>  Fri, 30 Mar 2018 10:33:35 -0400

Ubuntulibvncserver package

Change logs for libvncserver source package in Cosmic

Ubuntu
libvncserver package