Advisories » MGASA-2020-0164

Updated libvncserver packages fix security vulnerability

Publication date: 15 Apr 2020
Modification date: 15 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-15690

Description

Updated libvncserver packages fix security vulnerability:

In libvncserver, through libvncclient/cursor.c, there is a possibility
of a heap overflow, as reported by Pavel Cheremushkin (CVE-2019-15690).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25918
• https://www.debian.org/lts/security/2020/dla-2146
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15690

SRPMS

7/core

• libvncserver-0.9.12-2.2.mga7