[ubuntu/trusty-security] krfb 4:4.13.3-0ubuntu1.1 (Accepted)

Seth Arnold seth.arnold at canonical.com
Fri Sep 26 07:21:07 UTC 2014

krfb (4:4.13.3-0ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: krfb: multiple security issues in libvncserver.
    (LP: #1374043)
    - Add upstream_libvncserver-vulnerabilities.diff
    - http://www.kde.org/info/security/advisory-20140923-1.txt
    - CVE-2014-6053
    - CVE-2014-6054
    - CVE-2014-6055

krfb (4:4.13.3-0ubuntu1) trusty; urgency=medium

  * New upstream release
  * SECURITY UPDATE: denial of service or possible code execution via
    integer overflow in liblzo2 in libvncserver in krfb
    - debian/patches/upstream_libvncserver-CVE-2014-4607.diff:
      check for overflow in libvncserver/lzoconf.h libvncserver/lzodefs.h
      libvncserver/minilzo.c libvncserver/minilzo.h
    - CVE-2014-4607
    - http://www.kde.org/info/security/advisory-20140803-1.txt
    - LP: #1352421

Date: 2014-09-26 01:47:12.822981+00:00
Changed-By: Jonathan Riddell <jriddell at ubuntu.com>
Maintainer: Kubuntu Members <kubuntu-devel at lists.ubuntu.com>
Signed-By: Seth Arnold <seth.arnold at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Trusty-changes mailing list