Hi Salvatore! I prepared the package containing the fixes for both CVE's on git:
https://anonscm.debian.org/cgit/collab-maint/libvncserver.git/tag/?h=debian/0.9.9%2bdfsg2-6.1%2bdeb8u2 Can you upload them? Greetings, Peter On 01/03/2017 07:12 AM, Salvatore Bonaccorso wrote: > Source: libvncserver > Version: 0.9.10+dfsg-3 > Severity: grave > Tags: upstream security patch > Justification: user security hole > > Hi, > > the following vulnerability was published for libvncserver. > > CVE-2016-9941[0]: > | Heap-based buffer overflow in rfbproto.c in LibVNCClient in > | LibVNCServer before 0.9.11 allows remote servers to cause a denial of > | service (application crash) or possibly execute arbitrary code via a > | crafted FramebufferUpdate message containing a subrectangle outside of > | the client drawing area. > > Fixing commit for the rfbproto.c part of the pull request in [1]. > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2016-9941 > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941 > [1] > https://github.com/LibVNC/libvncserver/pull/137/commits/5418e8007c248bf9668d22a8c1fa9528149b69f2 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore >