libvncserver: add upstream security fix for CVE-2018-7225 - buildroot

diff options

author	Peter Korsgaard <peter@korsgaard.com>	2018-06-09 18:02:29 +0200
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-06-10 14:21:19 +0200
commit	a4f7700f0b40022f91c2d43f7d21c5a01487587e (patch)
tree	2f74d156e4d92899b4692d1ecc2f6db5588b3217 /package/python/python.mk
parent	e5975c729e2ddb5321c48af23d9b5975d68165b0 (diff)
download	buildroot-a4f7700f0b40022f91c2d43f7d21c5a01487587e.tar.gz buildroot-a4f7700f0b40022f91c2d43f7d21c5a01487587e.zip

libvncserver: add upstream security fix for CVE-2018-7225

Fixes CVE-2018-7225 - An issue was discovered in LibVNCServer through 0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Diffstat (limited to 'package/python/python.mk')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: