Security update for LibVNCServer
This update for LibVNCServer fixes the following issues:
- CVE-2019-15690: Fixed a heap buffer overflow (bsc#1160471).
- CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory (bsc#1155419).
- CVE-2019-20788: Fixed a integer overflow and heap-based buffer overflow via a large height or width value (bsc#1170441).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1155419
VUL-1: CVE-2019-15681: LibVNCServer, vino: memory leak in VNC server code allows an attacker to read stack memory
bnc#1170441
VUL-0: CVE-2019-20788: LibVNCServer: integer overflow and heap-based buffer overflow via a large height or width value
bnc#1160471
VUL-0: CVE-2019-15690: LibVNCServer: heap buffer overflow
