This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- API to write one's own VNC server - client library
- debugging symbols for libvncclient
- API to write one's own VNC server - library utility
- API to write one's own VNC server - development files
Other versions of "libvncserver" in Eoan
Packages in group
Deleted packages are displayed in grey.
libvncserver (0.9.11+dfsg-1.3ubuntu0.1) eoan-security; urgency=medium
* SECURITY UPDATE: null pointer dereference in HandleZlibBPP function which
results in DoS
- debian/patches/CVE-2019-15680.patch: prevent dereferencing of null
pointers during decoding in libvncclient/zlib.c and libvncclient/zrle.c.
* SECURITY UPDATE: memory leak allows an attacker to read stack memory
resulting in possible information disclosure
- debian/patches/CVE-2019-15681.patch: clear a block of memory for the sct
variable in libvncserver/rfbserver.c.
* SECURITY UPDATE: heap buffer overflow caused by large cursor sizes
- debian/patches/CVE-2019-15690_CVE-2019-20788.patch: limit the size of
cursor in libvncclient/cursor.c.
* SECURITY UPDATE: heap-based buffer overflow which allowed easy modification
of a return address via an overwritten function pointer
- debian/patches/CVE-2017-18922.patch: fix buffer overflow within the
websocket decoding functionality in libvncserver/websockets.c.
-- Avital Ostromich <email address hidden> Tue, 30 Jun 2020 11:53:25 -0400
||TightVNC code version 1.3.10 contains null pointer dereference in HandleZlibBPP function, which results Denial of System (DoS). This attack appear to
||LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a memory leak (CWE-655) in VNC server code, which allow an attacker to read st
||libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or wi
||It was discovered that websockets.c in LibVNCServer prior to 0.9.12 di ...
Send Feedback to @ubuntu_updates