| Revision Date: | 2013-10-22 | Version: | 636 |
| Title: | RHSA-2013:1452: vino security update (Moderate) |
| Description: | Vino is a Virtual Network Computing (VNC) server for GNOME. It allows remote users to connect to a running GNOME session using VNC.
A denial of service flaw was found in the way Vino handled certain authenticated requests from clients that were in the deferred state. A remote attacker could use this flaw to make the vino-server process enter an infinite loop when processing those incoming requests. (CVE-2013-5745)
All vino users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. The GNOME session must be restarted (log out, then log back in) for this update to take effect.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2013-5745
CVE-2013-5745
RHSA-2013:1452
RHSA-2013:1452-00
RHSA-2013:1452-01
|
| Platform(s): | Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux must be installed OR Package Information
Red Hat Enterprise Linux 6 is installed
AND vino is earlier than 0:2.28.1-9.el6_4
AND vino is signed with Red Hat redhatrelease2 key
OR Package Information
Red Hat Enterprise Linux 5 is installed
AND vino is earlier than 0:2.13.5-10.el5_10
AND vino is signed with Red Hat redhatrelease2 key
|