Updated tigervnc packages fix CVE-2014-0011Publication date: 15 Apr 2014
Affected Mageia releases : 3 , 4
Updated tigervnc packages fix security vulnerability: A heap-based buffer overflow was found in the way vncviewer rendered certain screen images from a vnc server. If a user could be tricked into connecting to a malicious vnc server, it may cause the vncviewer to crash, or could possibly execute arbitrary code with the permissions of the user running it. This issue was due to an issue in the ZRLE_DECODE() function which performs RLE decoding (CVE-2014-0011).