Hi Salvatore!
I prepared the package containing the fixes for both CVE's on git:
https://anonscm.debian.org/cgit/collab-maint/libvncserver.git/tag/?h=debian/0.9.9%2bdfsg2-6.1%2bdeb8u2
Can you upload them?
Greetings,
Peter
On 01/03/2017 07:12 AM, Salvatore Bonaccorso wrote:
> Source: libvncserver
> Version: 0.9.10+dfsg-3
> Severity: grave
> Tags: upstream security patch
> Justification: user security hole
>
> Hi,
>
> the following vulnerability was published for libvncserver.
>
> CVE-2016-9941[0]:
> | Heap-based buffer overflow in rfbproto.c in LibVNCClient in
> | LibVNCServer before 0.9.11 allows remote servers to cause a denial of
> | service (application crash) or possibly execute arbitrary code via a
> | crafted FramebufferUpdate message containing a subrectangle outside of
> | the client drawing area.
>
> Fixing commit for the rfbproto.c part of the pull request in [1].
>
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2016-9941
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9941
> [1]
> https://github.com/LibVNC/libvncserver/pull/137/commits/5418e8007c248bf9668d22a8c1fa9528149b69f2
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
> Salvatore
>
