Oval Definition:oval:org.opensuse.security:def:60741
Revision Date:2020-12-01Version:1
Title:Security update for LibVNCServer (Important)
Description:

This update for LibVNCServer fixes the following issues:

- security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock() fix CVE-2019-20840 [bsc#1173876], unaligned accesses in hybiReadAndDecode can lead to denial of service fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14403 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14404 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2017-18922 [bsc#1173477], preauth buffer overwrite
Family:unixClass:patch
Status:Reference(s):1010201
1012382
1012523
1015336
1015337
1015340
1015342
1015343
1019675
1020412
1020645
1022595
1022607
1024346
1024373
1024376
1024412
1027353
1031717
1032150
1036489
1036800
1037404
1037838
1038299
1039542
1040073
1041873
1042268
1042957
1042977
1042978
1043017
1045404
1046054
1046107
1047901
1047989
1048317
1048327
1048356
1050060
1050231
1050257
1051188
1051406
1051635
1051987
1052384
1053309
1053919
1055272
1056003
1056365
1056427
1056587
1056596
1056652
1056979
1057079
1057199
1057820
1058413
1059639
1060333
1060995
1060996
1061000
1061756
1062496
1062835
1062941
1063026
1063349
1063516
1064206
1064320
1064591
1064597
1064606
1064701
1064926
1065101
1065180
1065600
1065639
1065692
1065717
1065866
1065959
1066045
1066175
1066192
1066213
1066223
1066285
1066382
1066470
1066471
1066472
1066573
1066606
1066629
1066660
1066696
1066767
1066812
1066974
1067105
1067132
1067225
1067494
1067734
1067735
1067888
1067906
1068671
1068978
1068980
1068982
1069152
1069250
1069270
1069277
1069484
1069583
1069721
1069793
1069879
1069916
1069942
1069996
1070001
1070006
1070145
1070169
1070404
1070535
1070767
1070771
1070805
1070825
1070964
1071693
1071694
1071695
1071833
1072589
1072928
1081164
1087020
1092952
1093095
1095070
1099257
1102775
1111122
1113094
1113672
1122293
1122299
1127027
1132826
1138034
1141798
1142058
1143215
1154212
1158442
1159646
1172049
1172405
1172515
1172781
1172782
1172783
1173477
1173691
1173694
1173700
1173701
1173743
1173874
1173875
1173876
1173880
1174922
1174923
1176315
744692
789311
964944
966170
966172
969470
979928
989261
996376
CVE-2017-1000410
CVE-2017-11591
CVE-2017-11600
CVE-2017-11683
CVE-2017-12193
CVE-2017-14859
CVE-2017-14862
CVE-2017-14864
CVE-2017-15115
CVE-2017-16528
CVE-2017-16536
CVE-2017-16537
CVE-2017-16645
CVE-2017-16646
CVE-2017-16994
CVE-2017-17448
CVE-2017-17449
CVE-2017-17450
CVE-2017-17669
CVE-2017-18922
CVE-2017-18922
CVE-2017-7482
CVE-2017-8824
CVE-2018-10958
CVE-2018-10998
CVE-2018-11212
CVE-2018-11531
CVE-2018-12900
CVE-2018-18065
CVE-2018-18557
CVE-2018-18661
CVE-2018-21247
CVE-2018-21247
CVE-2018-9055
CVE-2019-10164
CVE-2019-17571
CVE-2019-20839
CVE-2019-20839
CVE-2019-20840
CVE-2019-20840
CVE-2019-2422
CVE-2019-2614
CVE-2019-2627
CVE-2019-2737
CVE-2019-2739
CVE-2019-2740
CVE-2019-2805
CVE-2019-2933
CVE-2019-2945
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2989
CVE-2019-2992
CVE-2019-2999
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-12673
CVE-2020-12674
CVE-2020-14397
CVE-2020-14397
CVE-2020-14398
CVE-2020-14398
CVE-2020-14399
CVE-2020-14399
CVE-2020-14400
CVE-2020-14400
CVE-2020-14401
CVE-2020-14401
CVE-2020-14402
CVE-2020-14402
CVE-2020-14403
CVE-2020-14403
CVE-2020-14404
CVE-2020-14404
CVE-2020-17507
CVE-2020-8022
SUSE-SU-2017:3398-1
SUSE-SU-2018:1424-1
SUSE-SU-2019:0604-1
SUSE-SU-2019:1783-2
SUSE-SU-2019:2461-1
SUSE-SU-2020:0051-1
SUSE-SU-2020:0054-1
SUSE-SU-2020:1713-1
SUSE-SU-2020:1791-1
SUSE-SU-2020:2167-1
SUSE-SU-2020:2274-1
SUSE-SU-2020:2751-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • mercurial-4.5.2-lp150.2.6 is installed
  • OR mercurial-lang-4.5.2-lp150.2.6 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-lp151.7.9 is installed
  • OR ImageMagick-config-7-SUSE-7.0.7.34-lp151.7.9 is installed
  • OR ImageMagick-config-7-upstream-7.0.7.34-lp151.7.9 is installed
  • OR ImageMagick-devel-7.0.7.34-lp151.7.9 is installed
  • OR ImageMagick-devel-32bit-7.0.7.34-lp151.7.9 is installed
  • OR ImageMagick-doc-7.0.7.34-lp151.7.9 is installed
  • OR ImageMagick-extra-7.0.7.34-lp151.7.9 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.34-lp151.7.9 is installed
  • OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-lp151.7.9 is installed
  • OR libMagick++-devel-7.0.7.34-lp151.7.9 is installed
  • OR libMagick++-devel-32bit-7.0.7.34-lp151.7.9 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.34-lp151.7.9 is installed
  • OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.9 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.34-lp151.7.9 is installed
  • OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-lp151.7.9 is installed
  • OR perl-PerlMagick-7.0.7.34-lp151.7.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • kernel-default-4.4.103-6.33 is installed
  • OR kernel-default-base-4.4.103-6.33 is installed
  • OR kernel-default-devel-4.4.103-6.33 is installed
  • OR kernel-default-man-4.4.103-6.33 is installed
  • OR kernel-devel-4.4.103-6.33 is installed
  • OR kernel-macros-4.4.103-6.33 is installed
  • OR kernel-source-4.4.103-6.33 is installed
  • OR kernel-syms-4.4.103-6.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • kernel-default-4.4.180-94.124 is installed
  • OR kernel-default-base-4.4.180-94.124 is installed
  • OR kernel-default-devel-4.4.180-94.124 is installed
  • OR kernel-devel-4.4.180-94.124 is installed
  • OR kernel-macros-4.4.180-94.124 is installed
  • OR kernel-source-4.4.180-94.124 is installed
  • OR kernel-syms-4.4.180-94.124 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.31 is installed
  • OR libvncclient0-0.9.9-17.31 is installed
  • OR libvncserver0-0.9.9-17.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • dovecot22-2.2.31-19.22 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.22 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.22 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libsnmp30-5.7.3-6.3 is installed
  • OR libsnmp30-32bit-5.7.3-6.3 is installed
  • OR net-snmp-5.7.3-6.3 is installed
  • OR perl-SNMP-5.7.3-6.3 is installed
  • OR snmp-mibs-5.7.3-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • dpdk-17.11.4-3 is installed
  • OR dpdk-kmp-default-17.11.4_k4.12.14_94.41-3 is installed
  • OR dpdk-thunderx-17.11.4-3 is installed
  • OR dpdk-thunderx-kmp-default-17.11.4_k4.12.14_94.41-3 is installed
  • OR dpdk-tools-17.11.4-3 is installed
  • OR libdpdk-17_11-17.11.4-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND squid-3.5.21-26.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.31 is installed
  • OR libvncclient0-0.9.9-17.31 is installed
  • OR libvncserver0-0.9.9-17.31 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-requests-2.20.1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • mariadb-10.2.32-3.28 is installed
  • OR mariadb-galera-10.2.32-3.28 is installed
    • BACK