Updated libvncserver packages fix security vulnerability
Publication date: 08 May 2020Modification date: 08 May 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-20788
Description
Updated libvncserver packages fix security vulnerability:
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape
integer overflow and heap-based buffer overflow via a large height or width
value (CVE-2019-20788).
References
SRPMS
7/core
- libvncserver-0.9.12-2.3.mga7