Mageia 2020-0207: libvncserver security update
Summary
Updated libvncserver packages fix security vulnerability:
libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape
integer overflow and heap-based buffer overflow via a large height or width
value (CVE-2019-20788).
References
- https://bugs.mageia.org/show_bug.cgi?id=26587
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20788
Resolution
MGASA-2020-0207 - Updated libvncserver packages fix security vulnerability
SRPMS
- 7/core/libvncserver-0.9.12-2.3.mga7