Oval Definition:oval:org.opensuse.security:def:58312
Revision Date:2020-12-01Version:1
Title:Security update for LibVNCServer (Important)
Description:

This update for LibVNCServer fixes the following issues:

- security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock() fix CVE-2019-20840 [bsc#1173876], unaligned accesses in hybiReadAndDecode can lead to denial of service fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14403 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14404 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2017-18922 [bsc#1173477], preauth buffer overwrite
Family:unixClass:patch
Status:Reference(s):1000092
1000619
1002991
1002995
1002998
1003000
1003002
1003012
1003017
1003023
1003077
1005918
1006469
1006472
1007729
1008742
1009085
1009546
1009674
1009718
1009911
1010612
1010690
1010933
1011176
1011602
1011660
1011913
1012382
1012422
1012829
1012910
1013000
1013001
1013273
1013540
1013792
1013994
1014120
1014410
1014437
1014441
1014442
1015038
1015367
1015840
1016250
1016403
1016517
1016884
1016979
1017164
1017170
1017410
1018100
1018316
1018358
1018446
1018813
1018913
1019061
1019148
1019168
1019260
1019351
1019594
1019630
1019631
1019784
1019851
1020048
1020214
1020488
1020602
1020685
1020817
1020945
1020975
1021082
1021248
1021251
1021258
1021260
1021294
1021455
1021474
1022304
1022429
1022476
1022547
1022559
1022971
1023101
1023175
1023762
1023884
1023888
1024081
1024234
1024508
1024938
1025235
1046856
1049825
1088004
1088009
1088681
1090518
1091836
1109893
1110542
1111319
1112911
1113296
1114674
1116995
1120629
1120630
1120631
1121571
1121816
1121818
1121821
1127155
1130324
1130840
1131823
1134226
1136446
1137597
1137832
1137977
1140039
1140747
1141853
1145521
1149955
1153238
1162423
1163102
1163103
1163104
1173274
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1174091
1174701
1176421
921494
959709
964944
969476
969477
969479
971975
974215
981709
982783
985561
987192
987576
989056
991273
998106
CVE-2015-8709
CVE-2016-2123
CVE-2016-2125
CVE-2016-2126
CVE-2016-5407
CVE-2016-7117
CVE-2016-7942
CVE-2016-7944
CVE-2016-7945
CVE-2016-7946
CVE-2016-7947
CVE-2016-7948
CVE-2016-7949
CVE-2016-7950
CVE-2016-7951
CVE-2016-7952
CVE-2016-7953
CVE-2016-9806
CVE-2017-1000083
CVE-2017-18922
CVE-2017-2583
CVE-2017-2584
CVE-2017-5551
CVE-2017-5576
CVE-2017-5577
CVE-2017-5897
CVE-2017-5970
CVE-2017-5986
CVE-2018-14647
CVE-2018-18311
CVE-2018-20532
CVE-2018-20533
CVE-2018-20534
CVE-2018-20685
CVE-2018-20852
CVE-2018-21247
CVE-2018-2755
CVE-2018-2761
CVE-2018-2766
CVE-2018-2767
CVE-2018-2771
CVE-2018-2781
CVE-2018-2782
CVE-2018-2784
CVE-2018-2787
CVE-2018-2813
CVE-2018-2817
CVE-2018-2819
CVE-2019-11477
CVE-2019-11478
CVE-2019-12749
CVE-2019-15604
CVE-2019-15605
CVE-2019-15606
CVE-2019-16056
CVE-2019-16935
CVE-2019-20839
CVE-2019-20840
CVE-2019-20907
CVE-2019-3846
CVE-2019-6109
CVE-2019-6110
CVE-2019-6111
CVE-2019-9924
CVE-2019-9947
CVE-2020-14397
CVE-2020-14398
CVE-2020-14399
CVE-2020-14400
CVE-2020-14401
CVE-2020-14402
CVE-2020-14403
CVE-2020-14404
CVE-2020-14422
CVE-2020-15169
SUSE-SU-2016:2828-1
SUSE-SU-2016:3271-1
SUSE-SU-2017:0575-1
SUSE-SU-2017:2390-1
SUSE-SU-2018:1661-1
SUSE-SU-2019:0132-1
SUSE-SU-2019:0838-2
SUSE-SU-2019:1591-1
SUSE-SU-2020:0488-1
SUSE-SU-2020:2167-1
SUSE-SU-2020:2686-1
SUSE-SU-2020:2699-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gpg2-2.2.5-lp150.2 is installed
  • OR gpg2-lang-2.2.5-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • python-Twisted-17.9.0-lp151.3.3 is installed
  • OR python-Twisted-doc-17.9.0-lp151.3.3 is installed
  • OR python2-Twisted-17.9.0-lp151.3.3 is installed
  • OR python3-Twisted-17.9.0-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libX11-1.6.2-8 is installed
  • OR libX11-6-1.6.2-8 is installed
  • OR libX11-6-32bit-1.6.2-8 is installed
  • OR libX11-data-1.6.2-8 is installed
  • OR libX11-xcb1-1.6.2-8 is installed
  • OR libX11-xcb1-32bit-1.6.2-8 is installed
  • OR libXfixes-5.0.1-7 is installed
  • OR libXfixes3-5.0.1-7 is installed
  • OR libXfixes3-32bit-5.0.1-7 is installed
  • OR libXi-1.7.4-14 is installed
  • OR libXi6-1.7.4-14 is installed
  • OR libXi6-32bit-1.7.4-14 is installed
  • OR libXrender-0.9.8-7 is installed
  • OR libXrender1-0.9.8-7 is installed
  • OR libXrender1-32bit-0.9.8-7 is installed
  • OR libXtst-1.2.2-7 is installed
  • OR libXtst6-1.2.2-7 is installed
  • OR libXtst6-32bit-1.2.2-7 is installed
  • OR libXv-1.0.10-7 is installed
  • OR libXv1-1.0.10-7 is installed
  • OR libXv1-32bit-1.0.10-7 is installed
  • OR libXvMC-1.0.8-7 is installed
  • OR libXvMC1-1.0.8-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dbus-1-1.8.22-24.19 is installed
  • OR dbus-1-x11-1.8.22-24.19 is installed
  • OR libdbus-1-3-1.8.22-24.19 is installed
  • OR libdbus-1-3-32bit-1.8.22-24.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libmysqlclient18-10.0.35-29.20 is installed
  • OR libmysqlclient18-32bit-10.0.35-29.20 is installed
  • OR mariadb-10.0.35-29.20 is installed
  • OR mariadb-client-10.0.35-29.20 is installed
  • OR mariadb-errormessages-10.0.35-29.20 is installed
  • OR mariadb-tools-10.0.35-29.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND ucode-intel-20180425-13.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • colord-gtk-lang-0.1.26-6 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND ucode-intel-20200602-13.68 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • ghostscript-9.27-23.28 is installed
  • OR ghostscript-x11-9.27-23.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • curl-7.37.0-37.43 is installed
  • OR libcurl4-7.37.0-37.43 is installed
  • OR libcurl4-32bit-7.37.0-37.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • xen-4.9.2_10-3.41 is installed
  • OR xen-doc-html-4.9.2_10-3.41 is installed
  • OR xen-libs-4.9.2_10-3.41 is installed
  • OR xen-libs-32bit-4.9.2_10-3.41 is installed
  • OR xen-tools-4.9.2_10-3.41 is installed
  • OR xen-tools-domU-4.9.2_10-3.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND libmms0-0.6.2-15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.31 is installed
  • OR libvncclient0-0.9.9-17.31 is installed
  • OR libvncserver0-0.9.9-17.31 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND squid-3.5.21-26.23 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • BACK