You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa tigervnc

Sigurnosni nedostaci programskog paketa tigervnc

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-04-07 02:51:25.234934

Name : tigervnc
Product : Fedora 25
Version : 1.7.1
Release : 3.fc25
Summary : A TigerVNC remote display system
Description :
Virtual Network Computing (VNC) is a remote display system which
allows you to view a computing ‘desktop’ environment not only on the
machine where it is running, but from anywhere on the Internet and
from a wide variety of machine architectures. This package contains a
client which will allow you to connect to other desktops running a VNC

Update Information:

Security fix for CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395

[ 1 ] Bug #1438703 – CVE-2017-7396 tigervnc: SecurityServer and ClientServer memory leaks
[ 2 ] Bug #1438701 – CVE-2017-7395 tigervnc: Integer overflow in SMsgReader::readClientCutText
[ 3 ] Bug #1438700 – CVE-2017-7394 tigervnc: Server crash via long usernames
[ 4 ] Bug #1438697 – CVE-2017-7393 tigervnc: Double free via crafted fences
[ 5 ] Bug #1438694 – CVE-2017-7392 tigervnc: SSecurityVeNCrypt memory leak

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade tigervnc’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorVlatka Misic
Cert idNCERT-REF-2017-04-0029-ADV
More in Preporuke
Ranjivost Cisco Wireless LAN Controller (WLC) softvera

Otkrivena je ranjivost u procesiranju IPv6 UDP ulaznog paketa u Cisco Wireless LAN Controller (WLC) softveru, a uzrokovana je nepotpunom...