File _patchinfo of Package patchinfo.6595

<patchinfo incident="6595">
  <issue id="1032880" tracker="bnc">VUL-0: tigervnc: Malicious VNC server can write to random data on stack in TigerVnc vncviewer</issue>
  <issue id="1031877" tracker="bnc">VUL-1: CVE-2017-7395 : tigervnc: Authenticated VNC client can crash VNC server.</issue>
  <issue id="1031875" tracker="bnc">VUL-1: CVE-2017-7393 : tigervnc: Authenticated client can cause double free in VNC server</issue>
  <issue id="1031886" tracker="bnc">VUL-1: CVE-2017-7392 CVE-2017-7396 : tigervnc: Client can cause leak in VNC server.</issue>
  <issue id="1031879" tracker="bnc">VUL-1: CVE-2017-7394 : tigervnc: Client can crash or block VNC server.</issue>
  <issue id="2017-7392" tracker="cve" />
  <issue id="2017-7393" tracker="cve" />
  <issue id="2017-7394" tracker="cve" />
  <issue id="2017-7395" tracker="cve" />
  <issue id="2017-7396" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>michalsrb</packager>
  <description>
This update for tigervnc provides the several fixes.

These security issues were fixed:

- CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server (bsc#1031886)
- CVE-2017-7395: Authenticated VNC client can crash VNC server (bsc#1031877)
- CVE-2017-7394: Client can crash or block VNC server (bsc#1031879)
- CVE-2017-7393: Authenticated client can cause double free in VNC server (bsc#1031875)
- Prevent buffer overflow in VNC client, allowing for crashing the client (bnc#1032880)
</description>
  <summary>Security update for tigervnc</summary>
</patchinfo>