CVEs have been assigned for two security issues in gtk-vnc: http://openwall.com/lists/oss-security/2017/02/05/5 Fixes appear to be in progress. Mageia 5 may also be affected.
Whiteboard: (none) => MGA5TOO
Assigning to all packagers collectively, since there is no registered maintainer for this package.
CC: (none) => marja11Assignee: bugsquad => pkg-bugs
Updated package uploaded and built for cauldron. I could not find any previous test procedures for this package but did find that the vinagre VNC client uses some of these packages. That would probably be a good place to start testing if you have (or can set up) a VNC server you can connect to. Updated package uploaded for Mageia 5. Advisory: ======================== Updated gtk-vnc package fixes security vulnerabilities: It was found that gtk-vnc code does not properly check boundaries of subrectangle-containing tiles. A malicious server can use this to overwrite parts of the client memory (CVE-2017-5884). In addition, the vnc_connection_server_message() and vnc_color_map_set() functions do not check for integer overflow properly, leading to a malicious server being able to overwrite parts of the client memory (CVE-2017-5885). References: http://openwall.com/lists/oss-security/2017/02/05/5 https://bugzilla.gnome.org/show_bug.cgi?id=778048 https://bugzilla.gnome.org/show_bug.cgi?id=778050 ======================== Updated packages in core/updates_testing: ======================== gtk-vnc-0.5.3-6.1.mga5.x86_64.rpm gtk-vnc-debuginfo-0.5.3-6.1.mga5.x86_64.rpm lib64gtk-vnc1.0_0-0.5.3-6.1.mga5.x86_64.rpm lib64gtk-vnc1.0-devel-0.5.3-6.1.mga5.x86_64.rpm lib64gtk-vnc2.0_0-0.5.3-6.1.mga5.x86_64.rpm lib64gtk-vnc2.0-devel-0.5.3-6.1.mga5.x86_64.rpm lib64gtkvnc-gir1.0-0.5.3-6.1.mga5.x86_64.rpm lib64gtkvnc-gir2.0-0.5.3-6.1.mga5.x86_64.rpm lib64gvnc1.0_0-0.5.3-6.1.mga5.x86_64.rpm lib64gvnc1.0-devel-0.5.3-6.1.mga5.x86_64.rpm lib64gvnc-gir1.0-0.5.3-6.1.mga5.x86_64.rpm python-gtk-vnc-0.5.3-6.1.mga5.x86_64.rpm gtk-vnc-i18n-0.5.3-6.1.mga5.noarch.rpm from gtk-vnc-0.5.3-6.1.mga5.src.rpm
CC: (none) => mramboVersion: Cauldron => 5Assignee: pkg-bugs => qa-bugsWhiteboard: MGA5TOO => (none)
CC: (none) => davidwhodginsWhiteboard: (none) => advisory
Fedora has issued an advisory for this on February 10: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LGPQ5MQR6SN4DYTEFACHP2PP5RR26KYK/
URL: (none) => https://lwn.net/Vulnerabilities/714260/
MGA5-32 on Asus A6000VM Xfce No installation issues Installed vinagre to test at CLI $ strace -o vnc.txt vinagre and found: open("/lib/libgtk-vnc-2.0.so.0", O_RDONLY|O_CLOEXEC) = 3
CC: (none) => herman.viaeneWhiteboard: advisory => advisory MGA5-32-OK
Started vncserver on one system, setting a password. Used gvncviewer to connect to that system ok from the system testing the update. Validating the update
Keywords: (none) => validated_updateWhiteboard: advisory MGA5-32-OK => advisory MGA5-32-OK MGA5-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0057.html
Status: NEW => RESOLVEDResolution: (none) => FIXED