[USN-1128-1] Vino vulnerabilities

看板Bugtraq作者marc.時間14年前 (2011/05/04 04:01)推噓0(0推 0噓 0→)

留言0則, 0人參與討論串1/1

--=-XfMWGFoUJJ0yBcg7fAec Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Ubuntu Security Notice USN-1128-1 May 02, 2011 vino vulnerabilities =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: An attacker could send crafted input to Vino and cause it to crash. Software Description: - vino: VNC server for GNOME Details: Kevin Chen discovered that Vino incorrectly handled certain client framebuffer requests. A remote attacker could use this flaw to cause Vino to crash, leading to a denial of service. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: vino 2.32.1-0ubuntu2.1 Ubuntu 10.10: vino 2.32.0-0ubuntu1.2 Ubuntu 10.04 LTS: vino 2.28.2-0ubuntu2.1 Ubuntu 8.04 LTS: vino 2.22.2-0ubuntu1.1 After a standard system update you need to restart your session to make all the necessary changes. References: CVE-2011-0904, CVE-2011-0905 Package Information: https://launchpad.net/ubuntu/+source/vino/2.32.1-0ubuntu2.1 https://launchpad.net/ubuntu/+source/vino/2.32.0-0ubuntu1.2 https://launchpad.net/ubuntu/+source/vino/2.28.2-0ubuntu2.1 https://launchpad.net/ubuntu/+source/vino/2.22.2-0ubuntu1.1 --=-XfMWGFoUJJ0yBcg7fAec Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQIcBAABCgAGBQJNvu8iAAoJEGVp2FWnRL6TP+MP/i281mL+0NHd4sqaTBNpd0Z7 kMr+cmYv13gt7HNMKlh9ExwIvFLg5GVIzHaRszaZO3f3BWYZ/PMwxbRt/GNWt2th YIAw0xlfgSUUKrrsZYo+dD8yQCUbJxNr/+jXoru0N9AJPBzj+iWqYYlNH4xZ81hb zeg9N8hwjOSkrWDE/nW4RSK+0FMe6wCYrTjo0LFjbrOYzDn2Qj1ZqNL7LFKlFePk ci/iJ9ABaJZBWoGQuXTqdKK0RVdbRBgZIaI0vOY5ColdT2Y82ZwkOgKNRVTvFVol DyOEzK8c4WFYodgwhdXRRO9sUXPLwqa5cX8CfkqEQZ7QpZrtq3OqgckSzBmCD1gO kWN5vG8HlhLRooagL9JaDYzvlr0LWa0VkeZS8Wqi0Y5V6sUGxXCKMoRTJtFsqzpw eJ8IJ3JGNnK94IhV8iWDm1LYRubdQ8SFT7/RgR7x17YAQk+ubapXrkzvUEyTaESk Mw3zMNXMA6h5AsxTDjVZxPM6whKD6a+5iJfocvZ2zPnQdjSQmCQAdzwTDdnbquyE lzeI56nTyRJSD3sMCMnpP3tjL8NlAaVH8DDFq/vShHPJImVRz5SMjCRTBQNvcTH6 /lvPxdcuVQlToCxJn+OBh/NSNkz5RmVn5RdKghX4hhvt09lr8NA3Nx509wUnHuLv 9KeZD1dbnsw2/FXMoNN/ =Hid7 -----END PGP SIGNATURE----- --=-XfMWGFoUJJ0yBcg7fAec--

‣ 返回看板[ Bugtraq ] 臭蟲

‣ 更多 marc. 的文章

文章代碼(AID): #1Dm5x-sd (Bugtraq)