You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa tigervnc

Sigurnosni nedostaci programskog paketa tigervnc

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2017-04-25 12:28:36.811319

Name : tigervnc
Product : Fedora 24
Version : 1.7.1
Release : 4.fc24
Summary : A TigerVNC remote display system
Description :
Virtual Network Computing (VNC) is a remote display system which
allows you to view a computing ‘desktop’ environment not only on the
machine where it is running, but from anywhere on the Internet and
from a wide variety of machine architectures. This package contains a
client which will allow you to connect to other desktops running a VNC

Update Information:

Security fix for CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395
CVE-2017-7396. Add systemd unit file for Xvnc.

[ 1 ] Bug #1438703 – CVE-2017-7396 tigervnc: SecurityServer and ClientServer memory leaks
[ 2 ] Bug #1438701 – CVE-2017-7395 tigervnc: Integer overflow in SMsgReader::readClientCutText
[ 3 ] Bug #1438700 – CVE-2017-7394 tigervnc: Server crash via long usernames
[ 4 ] Bug #1438697 – CVE-2017-7393 tigervnc: Double free via crafted fences
[ 5 ] Bug #1438694 – CVE-2017-7392 tigervnc: SSecurityVeNCrypt memory leak

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade tigervnc’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorVlatka Misic
Cert idNCERT-REF-2017-04-0026-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa mysql-5.5

Otkriveni su sigurnosni nedostaci u programskom paketu mysql-5.5 za operacijski sustav Debian. Otkriveni nedostaci potencijalnim napadačima omogućuju narušavanje povjerljivosti, integriteta...