Accepted libvncserver 0.9.13+dfsg-1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 29 Jun 2020 14:44:43 +0200
Source: libvncserver
Architecture: source
Version: 0.9.13+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Changes:
libvncserver (0.9.13+dfsg-1) unstable; urgency=medium
.
* New upstream release:
- CVE-2018-21247: When connecting to a repeater, only send initialised
string
- CVE-2019-20839: libvncclient: bail out if unix socket name would overflow
- CVE-2019-20840: fix crash because of unaligned accesses in
hybiReadAndDecode()
- CVE-2020-14396: libvncclient/tls_openssl: do not deref a NULL pointer
- CVE-2020-14397: libvncserver: add missing NULL pointer checks
- CVE-2020-14398: libvncclient: handle half-open TCP connections
- CVE-2020-14399: libvncclient: fix pointer aliasing/alignment issue
- CVE-2020-14400: libvncserver: fix pointer aliasing/alignment issue
- CVE-2020-14401: libvncserver: scale: cast to 64 bit before shifting
- CVE-2020-14402: libvncserver: encodings: prevent OOB accesses
- CVE-2020-14403: encodings: prevent OOB accesses
- CVE-2020-14404: libvncserver: encodings: prevent OOB accesses
- CVE-2020-14405: libvncclient/rfbproto: limit max textchat size
* debian/patches:
+ Drop all patches. All applied upstream.
+ Add README file explaining on our patch naming scheme.
* debian/*.symbols:
+ Update symbols.
* debian/control:
+ Bump DH compat level to version 13.
Checksums-Sha1:
b81ce8c152f99a4febd250d49b7236d53219d1b0 2326 libvncserver_0.9.13+dfsg-1.dsc
d910dbdc6474b4ba9e33a0564cfc7d6964f2cda5 423180 libvncserver_0.9.13+dfsg.orig.tar.xz
4a0baa3c2bc0604357160989cd9c4a4000309065 14872 libvncserver_0.9.13+dfsg-1.debian.tar.xz
89d26415a3f5982a5998f6b76ba6282d7dc9ff36 8146 libvncserver_0.9.13+dfsg-1_source.buildinfo
Checksums-Sha256:
61e6bc6179ad506527208c175769ef952b1bc9f7e68be5c2efa168e7700e3a82 2326 libvncserver_0.9.13+dfsg-1.dsc
4048514b74d9e614102d60bc038de58a34dbc5eaaf1a4961b76027578e770e9d 423180 libvncserver_0.9.13+dfsg.orig.tar.xz
f3411343c738c1b099dbc745c09b60f3fdc670090d103a0aa92dea3bbf20ec82 14872 libvncserver_0.9.13+dfsg-1.debian.tar.xz
ab9e6fbacc40d315fbdf9dd3a3944489892b42f31a4455d204e48adf736e1d40 8146 libvncserver_0.9.13+dfsg-1_source.buildinfo
Files:
4eb0c2272ac6d2146851f3fc53fa48a3 2326 libs optional libvncserver_0.9.13+dfsg-1.dsc
245a28670f3b886b20c3755b4eaeb0e3 423180 libs optional libvncserver_0.9.13+dfsg.orig.tar.xz
d2fb13cf3754d4d326d05fe4a82d256b 14872 libs optional libvncserver_0.9.13+dfsg-1.debian.tar.xz
0b6bd686542a0bd6100586a956e4a462 8146 libs optional libvncserver_0.9.13+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl755AkVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxhI4P/jUKuSO+D/bblt4Gt4fxilVfv2aw
GbxsU/sExBQlI/zqock3+Zt+KzejjQc343JWiR3pVN9TGFfzfreUEhTXdnfsPgTd
y6KBvvRzKxhN1S4HEW3lnjUGxhZJyfRCP7u6v/Y3CK7ctAemMsK5jpTYkfGRqzxc
jDoFAgYf6E8bBmNOsqHQI5XbwFMkjEs1og9y9COEjEZVk1F2GUInRJXpRf+RXCVm
lScq3pzVT1YhiPfnBu11yTuGngcv+RaBkmPWrE5J2pD7bfU1iLG/ow7ruWSfZVHw
9AcILQB6eM7fGBpi8VIDz3VVfrhouFwzRvBks0eD9X9hX/G8kaiB/hxsgbIYEUQT
7lkbanO0WMtWzD12TNIgXFRA/Q14RgQh93hvbPDWkRo2KGJZ/KFWDTAR6SlBr3mY
Ysbc5uG47mZ5M9szWPjmJSBzHYS3wRfn1m3HIftQsSFNM5VRyGgYwhnJ0qsZEsdv
RiKT7cpLvjv8inoDrIMrpdOo0+5UQ79dQ4RsqD2pIpbxVY82KaHtBE53gGLap8F/
Zxk92olP+RMr7fm980jdqwFunC+KGgzmMnuyVt6dsBW19WgfSKUP8R/S48HljB9C
8xgn1CAPqvJxfYtjWFoZg9Q0iB8MKDmOlwLGmIDvCYk+UXtHaI54wIkrtECalHRw
BxbpCElLGUu/Hfef
=GBAu
-----END PGP SIGNATURE-----