UbuntuUpdates.org

Package "krfb-dbg"

Name: krfb-dbg

Description:

debugging symbols for the KDE networking module
Latest version: 4:4.13.3-0ubuntu1.1
Release: trusty (14.04)
Level: updates
Repository: universe
Head package: krfb
Homepage: http://www.kde.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "krfb-dbg"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "krfb-dbg" in Trusty

Repository Area Version
base universe 4:4.13.0-0ubuntu1
security universe 4:4.13.3-0ubuntu1.1

Changelog

Version: 4:4.13.3-0ubuntu1.1 2014-09-26 09:06:36 UTC

  krfb (4:4.13.3-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: krfb: multiple security issues in libvncserver.
    (LP: #1374043)
    - Add upstream_libvncserver-vulnerabilities.diff
    - http://www.kde.org/info/security/advisory-20140923-1.txt
    - CVE-2014-6053
    - CVE-2014-6054
    - CVE-2014-6055
 -- Jonathan Riddell <email address hidden> Thu, 25 Sep 2014 18:55:56 +0200
Source diff to previous version
1374043 vulnerabilities in libvncserver
CVE-2014-6053 Server crash on a very large ClientCutText message
CVE-2014-6054 Server crash when scaling factor is set to zero
CVE-2014-6055 Multiple stack overflows in File Transfer feature

Version: 4:4.13.3-0ubuntu1 2014-08-12 12:06:31 UTC

  krfb (4:4.13.3-0ubuntu1) trusty; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service or possible code execution via
    integer overflow in liblzo2 in libvncserver in krfb
    - debian/patches/upstream_libvncserver-CVE-2014-4607.diff:
      check for overflow in libvncserver/lzoconf.h libvncserver/lzodefs.h
      libvncserver/minilzo.c libvncserver/minilzo.h
    - CVE-2014-4607
    - http://www.kde.org/info/security/advisory-20140803-1.txt
    - LP: #1352421
 -- Jonathan Riddell <email address hidden> Mon, 04 Aug 2014 20:33:11 +0200
Source diff to previous version
1352421 possible denial of service or code execution via integer overflow

Version: 4:4.13.0-0ubuntu1.1 2014-08-04 20:06:17 UTC

  krfb (4:4.13.0-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service or possible code execution via
    integer overflow in liblzo2 in libvncserver in krfb
    - debian/patches/upstream_libvncserver-CVE-2014-4607.diff:
      check for overflow in libvncserver/lzoconf.h libvncserver/lzodefs.h
      libvncserver/minilzo.c libvncserver/minilzo.h
    - CVE-2014-4607
    - http://www.kde.org/info/security/advisory-20140803-1.txt
    - LP: #1352421
 -- Jonathan Riddell <email address hidden> Mon, 04 Aug 2014 17:36:30 +0200
1352421 possible denial of service or code execution via integer overflow


About   -   Send Feedback to @ubuntu_updates