Re: tightvnc vulnerabilities

[Jamie Strandboge]

On Mon, 17 Dec 2018, Pavel Cheremushkin wrote:

> Hello,
> 
> I found this e-mail as a maintainer of xtightvncviewer package in Ubuntu 
> 18.04 release.
> 
> I wanted to warn you that recently I have reported 4 vulnerabilities in 
> tightvnc 1.3.X,  that is used in Ubuntu and developers refused to patch these 
> vulnerabilities. More information including overview of the vulnerabilities: 
> https://www.openwall.com/lists/oss-security/2018/12/10/5
> 

FYI, This is better handled via our bug tracker and I filed this bug on your
behalf:
https://bugs.launchpad.net/ubuntu/+source/tightvnc/+bug/1808989

-- 
Jamie Strandboge | http://www.canonical.com


signature.asc
Description: PGP signature
-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

tightvnc vulnerabilities

[Pavel Cheremushkin]

Hello,

I found this e-mail as a maintainer of xtightvncviewer package in Ubuntu 18.04 
release.

I wanted to warn you that recently I have reported 4 vulnerabilities in 
tightvnc 1.3.X,  that is used in Ubuntu and developers refused to patch these 
vulnerabilities. More information including overview of the vulnerabilities: 
https://www.openwall.com/lists/oss-security/2018/12/10/5


Best Regards,
Pavel Cheremushkin
Security Researcher| ICS CERT Vulnerability Research Group | Kaspersky Lab
39A bld.2 Leningradskoye Highway, Moscow 125212, Russia | 
www.kaspersky.com,www.securelist.com

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss