Oval Definition:	oval:org.opensuse.security:def:64056
Revision Date: 2020-12-01 Version: 1 Title: Security update for LibVNCServer (Important) Description: This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 [bsc#1173874], uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 [bsc#1173875], buffer overflow in ConnectClientToUnixSock() fix CVE-2019-20840 [bsc#1173876], unaligned accesses in hybiReadAndDecode can lead to denial of service fix CVE-2020-14398 [bsc#1173880], improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c fix CVE-2020-14397 [bsc#1173700], NULL pointer dereference in libvncserver/rfbregion.c fix CVE-2020-14399 [bsc#1173743], Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. fix CVE-2020-14400 [bsc#1173691], Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. fix CVE-2020-14401 [bsc#1173694], potential integer overflows in libvncserver/scale.c fix CVE-2020-14402 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14403 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2020-14404 [bsc#1173701], out-of-bounds access via encodings. fix CVE-2017-18922 [bsc#1173477], preauth buffer overwrite Family: unix Class: patch Status: Reference(s): 1094138 1118087 1134856 1138301 1138302 1138303 1138305 1141777 1143839 1150425 1158251 1158365 1159833 1159920 1172380 1172524 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1175664 1175665 1175671 CVE-2017-18922 CVE-2017-6318 CVE-2018-11243 CVE-2018-16868 CVE-2018-21247 CVE-2019-1010048 CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 CVE-2019-13659 CVE-2019-13660 CVE-2019-13661 CVE-2019-13662 CVE-2019-13663 CVE-2019-13664 CVE-2019-13665 CVE-2019-13666 CVE-2019-13667 CVE-2019-13668 CVE-2019-13669 CVE-2019-13670 CVE-2019-13671 CVE-2019-13673 CVE-2019-13674 CVE-2019-13675 CVE-2019-13676 CVE-2019-13677 CVE-2019-13678 CVE-2019-13679 CVE-2019-13680 CVE-2019-13681 CVE-2019-13682 CVE-2019-13683 CVE-2019-14296 CVE-2019-20021 CVE-2019-20053 CVE-2019-20839 CVE-2019-20840 CVE-2019-5163 CVE-2019-5164 CVE-2019-5870 CVE-2019-5871 CVE-2019-5872 CVE-2019-5874 CVE-2019-5875 CVE-2019-5876 CVE-2019-5877 CVE-2019-5878 CVE-2019-5879 CVE-2019-5880 CVE-2019-5881 CVE-2020-10756 CVE-2020-12861 CVE-2020-12862 CVE-2020-12863 CVE-2020-12864 CVE-2020-12865 CVE-2020-12866 CVE-2020-12867 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-15810 CVE-2020-15811 CVE-2020-24606 openSUSE-SU-2019:1477-1 openSUSE-SU-2019:1753-1 openSUSE-SU-2019:2152-1 openSUSE-SU-2019:2667-1 openSUSE-SU-2020:0163-1 openSUSE-SU-2020:0987-1 SUSE-SU-2020:2471-1 Platform(s): openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information gnutls-3.6.7-lp151.2.3 is installed OR gnutls-guile-3.6.7-lp151.2.3 is installed OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed OR libgnutls-dane0-3.6.7-lp151.2.3 is installed OR libgnutls-devel-3.6.7-lp151.2.3 is installed OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed OR libgnutls30-3.6.7-lp151.2.3 is installed OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed OR libgnutlsxx28-3.6.7-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND squid-3.5.21-26.32 is installed
BACK