| Revision Date: | 2020-01-16 | Version: | 1 |
| Title: | Security update for tigervnc (Important) |
| Description: |
This update for tigervnc fixes the following issues:
- CVE-2019-15691: Fixed a use-after-return due to incorrect usage of stack memory in ZRLEDecoder (bsc#1159856). - CVE-2019-15692: Fixed a heap-based buffer overflow in CopyRectDecode (bsc#1160250). - CVE-2019-15693: Fixed a heap-based buffer overflow in TightDecoder::FilterGradient (bsc#1159858). - CVE-2019-15694: Fixed a heap-based buffer overflow, caused by improper error handling in processing MemOutStream (bsc#1160251). - CVE-2019-15695: Fixed a stack-based buffer overflow, which could be triggered from CMsgReader::readSetCursor (bsc#1159860).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1159856
1159858
1159860
1160250
1160251
CVE-2019-15691
CVE-2019-15692
CVE-2019-15693
CVE-2019-15694
CVE-2019-15695
SUSE-SU-2020:0113-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND libXvnc-devel-1.9.0-19.3.1 is installed
|