Back to italc PTS page

Accepted italc 1:2.0.2+dfsg1-2+deb8u1 (source amd64) into oldoldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted italc 1:2.0.2+dfsg1-2+deb8u1 (source amd64) into oldoldstable
From: Mike Gabriel <sunweaver@debian.org>
Date: Fri, 01 Nov 2019 14:20:17 +0000
Mail-followup-to: debian-lts@lists.debian.org
Message-id: <E1iQXmj-0002rh-8v@seger.debian.org>
Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 30 Oct 2019 21:41:30 +0100
Source: italc
Binary: italc-master italc-master-dbg italc-client italc-client-dbg italc-management-console italc-management-console-dbg libitalccore libitalccore-dbg
Architecture: source amd64
Version: 1:2.0.2+dfsg1-2+deb8u1
Distribution: jessie-security
Urgency: medium
Maintainer: Debian Edu Packaging Team <debian-edu-pkg-team@lists.alioth.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Description:
 italc-client - intelligent Teaching And Learning with Computers - client
 italc-client-dbg - intelligent Teaching And Learning with Computers - client debug s
 italc-management-console - intelligent Teaching And Learning with Computers - management con
 italc-management-console-dbg - intelligent Teaching And Learning with Computers - imc debug symb
 italc-master - intelligent Teaching And Learning with Computers - master
 italc-master-dbg - intelligent Teaching And Learning with Computers - master debug s
 libitalccore - intelligent Teaching And Learning with Computers - libraries
 libitalccore-dbg - intelligent Teaching And Learning with Computers - library debug
Changes:
 italc (1:2.0.2+dfsg1-2+deb8u1) jessie-security; urgency=medium
 .
   * Porting of libvncserver+libvncclient security patches:
     - CVE-2014-6051: Fix integer overflow in MallocFrameBuffer().
     - CVE-2014-6052: Check for MallocFrameBuffer() return value.
     - CVE-2014-6053: Check malloc() return value on client->server ClientCutText
       message.
     - CVE-2014-6054: Do not accept a scaling factor of zero on
       PalmVNCSetScaleFactor and SetScale client->server messages
     - CVE-2014-6055: Fix multiple stack-based buffer overflows in file transfer
       feature.
     - CVE-2016-9941: Fix heap overflows in the various rectangle fill functions.
     - CVE-2016-9942: Fix heap overflow in the ultra.c decoder.
     - CVE-2018-7225: Uninitialized and potentially sensitive data could be
       accessed by remote attackers because the msg.cct.length in rfbserver.c was
       not sanitized.
     - CVE-2018-15127: heap out-of-bound write vulnerability.
     - CVE-2018-20019: multiple heap out-of-bound write vulnerabilities.
     - CVE-2018-20020: heap out-of-bound write vulnerability inside structure
       in VNC client code.
     - CVE-2018-20021: CWE-835: Infinite loop vulnerability in VNC client code.
     - CVE-2018-20022: CWE-665: Improper Initialization vulnerability.
     - CVE-2018-20023: Improper Initialization vulnerability in VNC Repeater
       client code.
     - CVE-2018-20024: null pointer dereference that can result DoS.
     - CVE-2018-6307: heap use-after-free vulnerability in server code of
       file transfer extension.
     - CVE-2018-20748: incomplete fix for CVE-2018-20019 oob heap writes.
     - CVE-2018-20749: incomplete fix for CVE-2018-15127 oob heap writes.
     - CVE-2018-20750: incomplete fix for CVE-2018-15127 oob heap writes.
     - CVE-2018-15126: heap use-after-free resulting in possible RCE.
     - CVE-2019-15681: rfbserver: don't leak stack memory to the remote.
Checksums-Sha1:
 e27dd098ee97cc96a65234ec30198c0a835f7395 2854 italc_2.0.2+dfsg1-2+deb8u1.dsc
 b0688a5b5ac082a42a2fe42226da2a11b7ecce6e 2315812 italc_2.0.2+dfsg1.orig.tar.xz
 bf25cc0f1456a4f5a6432b528114e684cda903a2 59720 italc_2.0.2+dfsg1-2+deb8u1.debian.tar.xz
 1fcd047b65e6d88c62091e0b46f98d309421d716 651630 italc-master_2.0.2+dfsg1-2+deb8u1_amd64.deb
 9f0bd024fe3ed30bc15bebcd5e820aea709597e8 1096786 italc-master-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 745e33e119586a201bae037da34a67834344c24c 641434 italc-client_2.0.2+dfsg1-2+deb8u1_amd64.deb
 98a880aef9fef2947f60e96a7a47eb44e5129570 1256918 italc-client-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 efc2b2cae87ca8a4f7f9a1e5b8169360e808424e 142528 italc-management-console_2.0.2+dfsg1-2+deb8u1_amd64.deb
 583efc2f9bfdb9394ce15095e95b7f3f5ac9f609 449924 italc-management-console-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 2b238c60275b47c5578ae387e6196916532bd753 620098 libitalccore_2.0.2+dfsg1-2+deb8u1_amd64.deb
 f3910eea6548006ac3ecc5a9586a9392fdb3d108 1263692 libitalccore-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
Checksums-Sha256:
 743e0a722a96061e42324a7104dc843cce983273124e8788731ed4e5eaa7972e 2854 italc_2.0.2+dfsg1-2+deb8u1.dsc
 559212f84980120640db9742677c2dd7b3ee9f6663ccfe73ee8dbc2d417cc6d4 2315812 italc_2.0.2+dfsg1.orig.tar.xz
 e18ff645c9c4a66c4ec05fc49f2484e01b077b601047498f91581efa462d337b 59720 italc_2.0.2+dfsg1-2+deb8u1.debian.tar.xz
 1747662b51bbc100a5c4d98be5f4faaa63f31cf3927b16fb0aff808bb90d36ee 651630 italc-master_2.0.2+dfsg1-2+deb8u1_amd64.deb
 67030b3b6dfecb09139bb38dc69e2bac4dd53b72cde10155f22332b0a2087098 1096786 italc-master-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 78a5f2068110ce06e54b1bf78cf4a02a2cd05542a6325ecd107def31059e1f1d 641434 italc-client_2.0.2+dfsg1-2+deb8u1_amd64.deb
 956c619cb09d4edbfdf253fd5734cad48f1582196ccc6f37f547c45747c7128d 1256918 italc-client-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 012b549b9d7c0518f5c47a4346f656e064becbf6bece60d265d7aae38b0f5ef9 142528 italc-management-console_2.0.2+dfsg1-2+deb8u1_amd64.deb
 16b3c5262de40db0564a44e0d4a591a0bf1a19eb78d8e9ba2369ee6f91e813a7 449924 italc-management-console-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 b29f9c7248ea3ac71e515cd6a53c4dc72c772efbb45099c0e750776527c76bbf 620098 libitalccore_2.0.2+dfsg1-2+deb8u1_amd64.deb
 92946e7d29340e4e26c19dc105a9875a666e5501e37657ad7de9aafdaafa5f0e 1263692 libitalccore-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
Files:
 641aabfda14baa7b4fe2321d97a3e8b6 2854 x11 optional italc_2.0.2+dfsg1-2+deb8u1.dsc
 2c9b52de5aa207218017e0b69f248dd2 2315812 x11 optional italc_2.0.2+dfsg1.orig.tar.xz
 c82996479353a28852f054d5ba18f01d 59720 x11 optional italc_2.0.2+dfsg1-2+deb8u1.debian.tar.xz
 b3ed5449921333448e5edb7883bdd739 651630 x11 optional italc-master_2.0.2+dfsg1-2+deb8u1_amd64.deb
 d6e2c23806de0993bebdf84af76896ee 1096786 debug extra italc-master-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 65ae633812fee01799cd9a1bd3a04ee1 641434 x11 optional italc-client_2.0.2+dfsg1-2+deb8u1_amd64.deb
 37e1e358a3cc783ac267d253fb769e23 1256918 debug extra italc-client-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 b109b4682c6decfc95cae10c284d036a 142528 x11 optional italc-management-console_2.0.2+dfsg1-2+deb8u1_amd64.deb
 8977825057764a56b665240f83b39287 449924 debug extra italc-management-console-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb
 3a6586e73f2a2c2f54e06c917db6921f 620098 x11 optional libitalccore_2.0.2+dfsg1-2+deb8u1_amd64.deb
 dbd3b5a277a49c4dd76dd49135365d86 1263692 debug extra libitalccore-dbg_2.0.2+dfsg1-2+deb8u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl28O7cVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsx3psP/2wlGeBqWnMegvOX7JuRRRnVNozM
d7pzkDoBmoqb3PoNPvQYMWF3erJXZj7oJ2z+wPNyVO0VUvxb9Fbht+fGvN93COLo
ItMwjQIxlF4MAVFp6Vlmks3WP71Qw9MyTiYgsNcCCHKvESgeGUcuKqBlrTRH+P8t
oy8xBvq71b3tEyz4lXnsSWMHFchKXHCfC2BhoNOOhk5qT/lPgotLKnpcLqwlLhMC
214oJM6W4+xg/jkXL+k2kI9ImfwFsz9Ttx2DclVd5KbHWa3wwfVLd87EiGmNPFQH
YZ4obciH5jUBGlT46uCIWJmKWdaul9F8H5Q+FSoOBsyiMFyuZp6spbAZDXTj6Qq3
n0rGXQbSNvUFEycQNXzeYGbHMRuly/LkZGyc6uMBjgyb9DRCFZwXZNS1KBNsn8A2
jMPSIu+Kh0V5sW4yF2tO4CUK6miKKDjAYd83JLylliuyKLgqkcLcLiSLFAfLu9BV
H+3vHMKgPQ3q+vMbXyrYn6YKgV40luLVLkC0P26GIObhDyyLMbeN/aQXLrTfF2Qe
Qw81OQluNCZizjZlB53Mnc8w+8DSJGHCDF6dwqB7DmprYMOl+mJ5QNHb+Ho+XRUP
nR4a8nQ/oxNXFPf6t6+kcbbK7PpVNolrFP01y5lGi2nWJBgwvdsT41mAr99AS4cE
eqYfQpduCe4RRiX/
=zOu3
-----END PGP SIGNATURE-----