[ubuntu/trusty-updates] krfb 4:4.13.3-0ubuntu1 (Accepted)
Colin Watson
cjwatson at canonical.com
Tue Aug 12 10:46:48 UTC 2014
krfb (4:4.13.3-0ubuntu1) trusty; urgency=medium
* New upstream release
* SECURITY UPDATE: denial of service or possible code execution via
integer overflow in liblzo2 in libvncserver in krfb
- debian/patches/upstream_libvncserver-CVE-2014-4607.diff:
check for overflow in libvncserver/lzoconf.h libvncserver/lzodefs.h
libvncserver/minilzo.c libvncserver/minilzo.h
- CVE-2014-4607
- http://www.kde.org/info/security/advisory-20140803-1.txt
- LP: #1352421
Date: 2014-08-04 18:46:38.665953+00:00
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Maintainer: Kubuntu Members <kubuntu-devel at lists.ubuntu.com>
Signed-By: Colin Watson <cjwatson at canonical.com>
https://launchpad.net/ubuntu/trusty/+source/krfb/4:4.13.3-0ubuntu1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list