Security update for tigervnc SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2017:1028-1 Final 1 1 2017-04-18T06:05:41Z current 2017-04-18T06:05:41Z 2017-04-18T06:05:41Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for tigervnc This update for tigervnc provides the several fixes. These security issues were fixed: - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server (bsc#1031886) - CVE-2017-7395: Authenticated VNC client can crash VNC server (bsc#1031877) - CVE-2017-7394: Client can crash or block VNC server (bsc#1031879) - CVE-2017-7393: Authenticated client can cause double free in VNC server (bsc#1031875) - Prevent buffer overflow in VNC client, allowing for crashing the client (bnc#1032880) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2017-04/msg00057.html E-Mail link for openSUSE-SU-2017:1028-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 openSUSE Leap 42.2 libXvnc-devel-1.6.0-16.5.1 libXvnc1-1.6.0-16.5.1 tigervnc-1.6.0-16.5.1 xorg-x11-Xvnc-1.6.0-16.5.1 libXvnc-devel-1.6.0-16.5.1 as a component of openSUSE Leap 42.1 libXvnc1-1.6.0-16.5.1 as a component of openSUSE Leap 42.1 tigervnc-1.6.0-16.5.1 as a component of openSUSE Leap 42.1 xorg-x11-Xvnc-1.6.0-16.5.1 as a component of openSUSE Leap 42.1 libXvnc-devel-1.6.0-16.5.1 as a component of openSUSE Leap 42.2 libXvnc1-1.6.0-16.5.1 as a component of openSUSE Leap 42.2 tigervnc-1.6.0-16.5.1 as a component of openSUSE Leap 42.2 xorg-x11-Xvnc-1.6.0-16.5.1 as a component of openSUSE Leap 42.2 In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server. CVE-2017-7392 openSUSE Leap 42.1:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.1:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.1:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.1:xorg-x11-Xvnc-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.2:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.2:xorg-x11-Xvnc-1.6.0-16.5.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00057.html https://www.suse.com/security/cve/CVE-2017-7392.html CVE-2017-7392 https://bugzilla.suse.com/1031886 SUSE Bug 1031886 In TigerVNC 1.7.1 (VNCSConnectionST.cxx VNCSConnectionST::fence), an authenticated client can cause a double free, leading to denial of service or potentially code execution. CVE-2017-7393 openSUSE Leap 42.1:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.1:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.1:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.1:xorg-x11-Xvnc-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.2:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.2:xorg-x11-Xvnc-1.6.0-16.5.1 moderate 6 AV:N/AC:M/Au:S/C:P/I:P/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00057.html https://www.suse.com/security/cve/CVE-2017-7393.html CVE-2017-7393 https://bugzilla.suse.com/1031875 SUSE Bug 1031875 https://bugzilla.suse.com/1031879 SUSE Bug 1031879 In TigerVNC 1.7.1 (SSecurityPlain.cxx SSecurityPlain::processMsg), unauthenticated users can crash the server by sending long usernames. CVE-2017-7394 openSUSE Leap 42.1:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.1:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.1:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.1:xorg-x11-Xvnc-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.2:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.2:xorg-x11-Xvnc-1.6.0-16.5.1 moderate 6.3 AV:N/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00057.html https://www.suse.com/security/cve/CVE-2017-7394.html CVE-2017-7394 https://bugzilla.suse.com/1031879 SUSE Bug 1031879 In TigerVNC 1.7.1 (SMsgReader.cxx SMsgReader::readClientCutText), by causing an integer overflow, an authenticated client can crash the server. CVE-2017-7395 openSUSE Leap 42.1:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.1:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.1:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.1:xorg-x11-Xvnc-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.2:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.2:xorg-x11-Xvnc-1.6.0-16.5.1 moderate 6.3 AV:N/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00057.html https://www.suse.com/security/cve/CVE-2017-7395.html CVE-2017-7395 https://bugzilla.suse.com/1031877 SUSE Bug 1031877 In TigerVNC 1.7.1 (CConnection.cxx CConnection::CConnection), an unauthenticated client can cause a small memory leak in the server. CVE-2017-7396 openSUSE Leap 42.1:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.1:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.1:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.1:xorg-x11-Xvnc-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc-devel-1.6.0-16.5.1 openSUSE Leap 42.2:libXvnc1-1.6.0-16.5.1 openSUSE Leap 42.2:tigervnc-1.6.0-16.5.1 openSUSE Leap 42.2:xorg-x11-Xvnc-1.6.0-16.5.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2017-04/msg00057.html https://www.suse.com/security/cve/CVE-2017-7396.html CVE-2017-7396 https://bugzilla.suse.com/1031886 SUSE Bug 1031886