Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for LibVNCServer (Important) |
Description: |
This update for LibVNCServer fixes the following issues:
- security update - added patches fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock() + LibVNCServer-CVE-2019-20839.patch fix CVE-2019-20840 [bsc#1173876], unaligned accesses in hybiReadAndDecode can lead to denial of service + LibVNCServer-CVE-2019-20840.patch fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c + LibVNCServer-CVE-2020-14398.patch fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c + LibVNCServer-CVE-2020-14397.patch fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. + LibVNCServer-CVE-2020-14399.patch fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. + LibVNCServer-CVE-2020-14400.patch fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c + LibVNCServer-CVE-2020-14401.patch fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings. + LibVNCServer-CVE-2020-14402,14403,14404.patch fix CVE-2017-18922 [bsc#1173477], preauth buffer overwrite
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1084671 1092920 1106383 1133495 1137595 1151377 1154256 1154862 1155207 1155574 1156213 1156482 1158485 1159814 1160571 1161436 1162108 1162689 1162691 1166238 1167373 1168994 1169659 1170313 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1175626 1175656 CVE-2008-0928 CVE-2008-1945 CVE-2008-2382 CVE-2008-4539 CVE-2009-0037 CVE-2009-0688 CVE-2009-2417 CVE-2011-1000 CVE-2012-2738 CVE-2012-3515 CVE-2013-0249 CVE-2013-1431 CVE-2013-1944 CVE-2013-2174 CVE-2013-2492 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-4545 CVE-2013-6399 CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-2653 CVE-2014-3461 CVE-2014-3613 CVE-2014-3620 CVE-2014-3640 CVE-2014-3707 CVE-2014-7840 CVE-2014-8106 CVE-2014-8150 CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-9140 CVE-2015-0261 CVE-2015-1779 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2015-3138 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3153 CVE-2015-3209 CVE-2015-3456 CVE-2015-4037 CVE-2015-5154 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5352 CVE-2015-5600 CVE-2015-5745 CVE-2015-6563 CVE-2015-6564 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-8345 CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-10028 CVE-2016-10155 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3710 CVE-2016-3712 CVE-2016-4002 CVE-2016-4020 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4952 CVE-2016-4964 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6351 CVE-2016-6490 CVE-2016-6833 CVE-2016-6836 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7156 CVE-2016-7157 CVE-2016-7161 CVE-2016-7170 CVE-2016-7421 CVE-2016-7422 CVE-2016-7423 CVE-2016-7466 CVE-2016-7907 CVE-2016-7908 CVE-2016-7909 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-7994 CVE-2016-7995 CVE-2016-8574 CVE-2016-8575 CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8667 CVE-2016-8668 CVE-2016-8669 CVE-2016-8909 CVE-2016-8910 CVE-2016-9101 CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106 CVE-2016-9381 CVE-2016-9602 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922 CVE-2016-9923 CVE-2017-18922 CVE-2017-2615 CVE-2017-2620 CVE-2017-2630 CVE-2017-2633 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 CVE-2017-5525 CVE-2017-5526 CVE-2017-5552 CVE-2017-5578 CVE-2017-5579 CVE-2017-5667 CVE-2017-5856 CVE-2017-5857 CVE-2017-5898 CVE-2017-5931 CVE-2017-5973 CVE-2017-5987 CVE-2017-6058 CVE-2017-6369 CVE-2017-6505 CVE-2017-7471 CVE-2017-7493 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9503 CVE-2017-9524 CVE-2018-21247 CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-17498 CVE-2019-18860 CVE-2019-20386 CVE-2019-20503 CVE-2019-20839 CVE-2019-20840 CVE-2019-5188 CVE-2020-10713 CVE-2020-11945 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-1712 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 CVE-2020-8517 SUSE-SU-2019:1495-1 SUSE-SU-2019:2900-2 SUSE-SU-2020:0265-1 SUSE-SU-2020:0335-1 SUSE-SU-2020:0721-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:2626-1
|
Platform(s): | openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND Package Information
libsnmp30-5.7.3-lp150.5 is installed
OR net-snmp-5.7.3-lp150.5 is installed
OR perl-SNMP-5.7.3-lp150.5 is installed
OR snmp-mibs-5.7.3-lp150.5 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
libmysql55client18-5.5.45-0.11 is installed
OR libmysql55client18-32bit-5.5.45-0.11 is installed
OR libmysql55client_r18-5.5.45-0.11 is installed
OR libmysql55client_r18-32bit-5.5.45-0.11 is installed
OR mysql-5.5.45-0.11 is installed
OR mysql-client-5.5.45-0.11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
icu-52.1-7 is installed
OR libicu52_1-52.1-7 is installed
OR libicu52_1-32bit-52.1-7 is installed
OR libicu52_1-data-52.1-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
curl-7.37.0-15 is installed
OR libcurl4-7.37.0-15 is installed
OR libcurl4-32bit-7.37.0-15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND Package Information
cyrus-sasl-2.1.26-7 is installed
OR cyrus-sasl-32bit-2.1.26-7 is installed
OR cyrus-sasl-crammd5-2.1.26-7 is installed
OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed
OR cyrus-sasl-digestmd5-2.1.26-7 is installed
OR cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
OR cyrus-sasl-gssapi-2.1.26-7 is installed
OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed
OR cyrus-sasl-plain-2.1.26-7 is installed
OR cyrus-sasl-plain-32bit-2.1.26-7 is installed
OR cyrus-sasl-saslauthd-2.1.26-7 is installed
OR libsasl2-3-2.1.26-7 is installed
OR libsasl2-3-32bit-2.1.26-7 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND libfbembed2_5-2.5.2.26539-15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libXdmcp6-1.1.1-12 is installed
OR libXdmcp6-32bit-1.1.1-12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
AND Package Information
LibVNCServer-0.9.10-4.22 is installed
OR LibVNCServer-devel-0.9.10-4.22 is installed
OR libvncserver0-0.9.10-4.22 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
cups-1.7.5-9 is installed
OR cups-client-1.7.5-9 is installed
OR cups-libs-1.7.5-9 is installed
OR cups-libs-32bit-1.7.5-9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kernel-default-3.12.74-60.64.51 is installed
OR kernel-default-base-3.12.74-60.64.51 is installed
OR kernel-default-devel-3.12.74-60.64.51 is installed
OR kernel-default-man-3.12.74-60.64.51 is installed
OR kernel-devel-3.12.74-60.64.51 is installed
OR kernel-macros-3.12.74-60.64.51 is installed
OR kernel-source-3.12.74-60.64.51 is installed
OR kernel-syms-3.12.74-60.64.51 is installed
OR kernel-xen-3.12.74-60.64.51 is installed
OR kernel-xen-base-3.12.74-60.64.51 is installed
OR kernel-xen-devel-3.12.74-60.64.51 is installed
OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed
OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed
OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND dnsmasq-2.71-10 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
ghostscript-9.26-23.16 is installed
OR ghostscript-x11-9.26-23.16 is installed
OR libspectre-0.2.7-12.4 is installed
OR libspectre1-0.2.7-12.4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
kgraft-patch-4_4_121-92_73-default-8-2 is installed
OR kgraft-patch-SLE12-SP2_Update_21-8-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed
OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND coolkey-1.1.0-147 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
libssh2-1-1.4.3-20.9 is installed
OR libssh2-1-32bit-1.4.3-20.9 is installed
OR libssh2_org-1.4.3-20.9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
libvirt-3.3.0-5.40 is installed
OR libvirt-admin-3.3.0-5.40 is installed
OR libvirt-client-3.3.0-5.40 is installed
OR libvirt-daemon-3.3.0-5.40 is installed
OR libvirt-daemon-config-network-3.3.0-5.40 is installed
OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
OR libvirt-daemon-hooks-3.3.0-5.40 is installed
OR libvirt-daemon-lxc-3.3.0-5.40 is installed
OR libvirt-daemon-qemu-3.3.0-5.40 is installed
OR libvirt-daemon-xen-3.3.0-5.40 is installed
OR libvirt-doc-3.3.0-5.40 is installed
OR libvirt-libs-3.3.0-5.40 is installed
OR libvirt-lock-sanlock-3.3.0-5.40 is installed
OR libvirt-nss-3.3.0-5.40 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
libsolv-0.6.36-2.27.19 is installed
OR libsolv-tools-0.6.36-2.27.19 is installed
OR libzypp-16.20.2-27.60 is installed
OR perl-solv-0.6.36-2.27.19 is installed
OR python-solv-0.6.36-2.27.19 is installed
OR zypper-1.13.54-18.40 is installed
OR zypper-log-1.13.54-18.40 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND unzip-6.00-33.8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND apache2-mod_perl-2.0.8-11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 15-LTSS is installed
AND Package Information
libssh2-1-1.8.0-4.10 is installed
OR libssh2-1-32bit-1.8.0-4.10 is installed
OR libssh2-devel-1.8.0-4.10 is installed
OR libssh2_org-1.8.0-4.10 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server for SAP Applications 15 is installed
AND squid-4.11-5.17 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 is installed
AND Package Information
MozillaThunderbird-60.7.0-3.36 is installed
OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed
OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND Package Information
MozillaThunderbird-68.6.0-3.74 is installed
OR MozillaThunderbird-translations-common-68.6.0-3.74 is installed
OR MozillaThunderbird-translations-other-68.6.0-3.74 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 6 is installed
AND Package Information
kernel-default-3.12.74-60.64.51 is installed
OR kernel-default-base-3.12.74-60.64.51 is installed
OR kernel-default-devel-3.12.74-60.64.51 is installed
OR kernel-devel-3.12.74-60.64.51 is installed
OR kernel-macros-3.12.74-60.64.51 is installed
OR kernel-source-3.12.74-60.64.51 is installed
OR kernel-syms-3.12.74-60.64.51 is installed
OR kernel-xen-3.12.74-60.64.51 is installed
OR kernel-xen-base-3.12.74-60.64.51 is installed
OR kernel-xen-devel-3.12.74-60.64.51 is installed
OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed
OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed
OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
python-amqp-1.4.9-3.3 is installed
OR python-oslo.messaging-5.10.2-3.9 is installed
OR python-ovs-2.5.0-3.3 is installed
OR python-paramiko-2.0.9-3.6 is installed
OR python-psql2mysql-0.5.0+git.1539592188.13e5d0f-1.9 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
libsolv-0.6.36-2.16 is installed
OR libsolv-tools-0.6.36-2.16 is installed
OR libzypp-16.20.0-2.39 is installed
OR perl-solv-0.6.36-2.16 is installed
OR python-solv-0.6.36-2.16 is installed
OR zypper-1.13.51-21.26 is installed
OR zypper-log-1.13.51-21.26 is installed
|