Security update for LibVNCServer
The LibVNCServer package was updated to fix the following security issues:
- bsc#897031: fix several security issues:
* CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side.
* CVE-2014-6052: Lack of malloc() return value checking on client side.
* CVE-2014-6053: Server crash on a very large ClientCutText message.
* CVE-2014-6054: Server crash when scaling factor is set to zero.
* CVE-2014-6055: Multiple stack overflows in File Transfer feature.
- bsc#854151: Restrict the SSL cipher suite.
- Submitted by Reinhard Max (rmax)
Fixed bugs
bnc#854151
AUDIT-0: LibVNCServer:insecure openssl cipher suite
bnc#897031
VUL-0: libvncserver / other vnc implementation: various issues