Oracle Linux 6277 Published by

A tigervnc security update has been released for Oracle Linux 8.



El-errata: ELSA-2020-1497 Moderate: Oracle Linux 8 tigervnc security update


Oracle Linux Security Advisory ELSA-2020-1497

  http://linux.oracle.com/errata/ELSA-2020-1497.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
tigervnc-1.9.0-14.el8_1.x86_64.rpm
tigervnc-icons-1.9.0-14.el8_1.noarch.rpm
tigervnc-license-1.9.0-14.el8_1.noarch.rpm
tigervnc-server-1.9.0-14.el8_1.x86_64.rpm
tigervnc-server-applet-1.9.0-14.el8_1.noarch.rpm
tigervnc-server-minimal-1.9.0-14.el8_1.x86_64.rpm
tigervnc-server-module-1.9.0-14.el8_1.x86_64.rpm

aarch64:
tigervnc-1.9.0-14.el8_1.aarch64.rpm
tigervnc-icons-1.9.0-14.el8_1.noarch.rpm
tigervnc-license-1.9.0-14.el8_1.noarch.rpm
tigervnc-server-1.9.0-14.el8_1.aarch64.rpm
tigervnc-server-applet-1.9.0-14.el8_1.noarch.rpm
tigervnc-server-minimal-1.9.0-14.el8_1.aarch64.rpm
tigervnc-server-module-1.9.0-14.el8_1.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates/tigervnc-1.9.0-14.el8_1.src.rpm


Description of changes:

[1.9.0-14]
- Bump build version
Resolves: bz#1819877
Resolves: bz#1819879
Resolves: bz#1819882
Resolves: bz#1819886
Resolves: bz#1819884

[1.9.0-13]
- Fix stack buffer overflow in CMsgReader::readSetCursor
Resolves: bz#1819877

- Fix heap buffer overflow in DecodeManager::decodeRect
Resolves: bz#1819879

- Fix heap buffer overflow in TightDecoder::FilterGradient
Resolves: bz#1819882

- Fix heap-based buffer overflow triggered from CopyRectDecoder
Resolves: bz#1819886

- Fix stack use-after-return due to incorrect usage of stack memory in
ZRLEDecoder
Resolves: bz#1819884