vulnerabilities in libvncserver
Bug #1374043 reported by
Jonathan Riddell
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
krfb (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Undecided
|
Unassigned | ||
Utopic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
http://
krfb 4.14 embeds libvncserver which has had several security issues.
For future versions krfb instead depends on a system-installed
libvncserver, but for 4.14 the bundled version needs to be updated.
information type: | Public → Public Security |
To post a comment you must log in.
This bug was fixed in the package krfb - 4:4.13.3-0ubuntu1.1
--------------- 3-0ubuntu1. 1) trusty-security; urgency=medium
krfb (4:4.13.
* SECURITY UPDATE: krfb: multiple security issues in libvncserver. libvncserver- vulnerabilities .diff www.kde. org/info/ security/ advisory- 20140923- 1.txt
(LP: #1374043)
- Add upstream_
- http://
- CVE-2014-6053
- CVE-2014-6054
- CVE-2014-6055
-- Jonathan Riddell <email address hidden> Thu, 25 Sep 2014 18:55:56 +0200