• [SECURITY] [DSA 4799-1] x11vnc security update

    From Salvatore Bonaccorso@21:1/5 to All on Sat Nov 28 15:10:02 2020
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4799-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso November 28, 2020 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : x11vnc
    CVE ID : CVE-2020-29074
    Debian Bug : 975875

    Guenal Davalan reported a flaw in x11vnc, a VNC server to allow remote
    access to an existing X session. x11vnc creates shared memory segments
    with 0777 mode. A local attacker can take advantage of this flaw for information disclosure, denial of service or interfering with the VNC
    session of another user on the host.

    For the stable distribution (buster), this problem has been fixed in
    version 0.9.13-6+deb10u1.

    We recommend that you upgrade your x11vnc packages.

    For the detailed security status of x11vnc please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/x11vnc

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl/CVm1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Stzw/9FscrafZGQV4bN5j39Qjg3pbLzcPsfG8zVVGbjXFbcLc/7CVIDRkHevZ9 9S4LoCxI7LU13j6KJ2ZubDFU6yOKGzGRJFhobiKkRBJbw70+awngb8D6vTYQRqVO 8ZR5aHP2SUqh20kUSifL5+w6PSFIPOk7pW4kIBjc6kaA7ym0qqanNyaKFmxREl8+ +2aAx9UE1IpMpVAsr5oQXuVIobKU15MU+6fBtbjmrfaVMpDVneF23uLyAqGrvneE cBfUvmUMlIPIh6JbnVT3+H2KJZD0CCUL0pOLWOQiuuZX9cdR8XmZgm+kHNBtSUoN AxUFSRI9eYuRPqymkZuJxSunLi02PpJvUwMt+Um2z4SY7xy1paq61Up6zvhV/hmU NVxxrzMVVm4YPhp7qqiU4tkOakEaEosXBxoG1hq9HYADY0cpq5MJ0t0PijNtjx6/ 1BkY0fJRI+ExwJeWxuOFz6vy7Gj5caQojMME4Iqs+QvsuH86i65Oxhwbrb7Zb1vS GsPC4rdwq95/VvrBklTwe9I00yD5fEUZs9qhhJkxv4KB5bhBaXe07eEQ37BzBOCZ QrhBgxseZIkINL2iMp/sMQRc1Rh7koMYstQgvAyfs1mvcB4/Dk1KTBiwpFoRUfO5 N1R6yIrRJVVKe77NfDEwxnZ49jfAktGmYvvzoOhWbbDxJG7Sq8E=
    =lTIu
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)