RHSA-2017:2258-01 -- Redhat gtk-vncID: oval:org.secpod.oval:def:502116 | Date: (C)2017-08-04 (M)2023-04-17 |
Class: PATCH | Family: unix |
The gtk-vnc packages provide a VNC viewer widget for GTK. The gtk-vnc widget is built by using co-routines, which allows the widget to be completely asynchronous while remaining single-threaded. The following packages have been upgraded to a later upstream version: gtk-vnc . Security Fix: * It was found that gtk-vnc lacked proper bounds checking while processing messages using RRE, hextile, or copyrect encodings. A remote malicious VNC server could use this flaw to crash VNC viewers which are based on the gtk-vnc library. * An integer overflow flaw was found in gtk-vnc. A remote malicious VNC server could use this flaw to crash VNC viewers which are based on the gtk-vnc library. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.4 Release Notes linked from the References section.
Platform: |
Red Hat Enterprise Linux 7 |