Ubuntu has issued an advisory on November 17:
https://ubuntu.com/security/notices/USN-4636-1

We fixed libvncserver already with 0.9.13. From Bug 26881, CVE-2019-20840, CVE-2020-14397, CVE-2020-1440[0-4] likely still affect vino too.

Mageia 7 is also affected.
Whiteboard: (none) => MGA7TOO
'vino' has no registered nor consistent maintainer, so assigning this globally.
Assignee: bugsquad => pkg-bugs
Done for both Cauldron and mga7!
CC: (none) => geiger.david68210
vino-3.22.0-3.3.mga7 for the CVE-2020-25708 fix. What about CVE-2019-20840, CVE-2020-14397, CVE-2020-1440[0-4]?
Already done for CVE-2020-14397 and CVE-2020-1440[0234]!
r1602806 | ns80 | 2020-07-07 11:29:11 +0200 (mar. 07 juil. 2020) | 2 lignes
- add patches for CVE-2020-14397 and CVE-2020-1440[0234] (mga#26882)

This one, CVE-2019-20840, does not affect vino, as there is no "libvncserver/ws_decode.c" source code.
Oh thanks David! I totally forgot about Bug 26882.
Whiteboard: MGA7TOO => (none)
Version: Cauldron => 7
Advisory:
========================

Updated vino package fixes security vulnerability:

libvncserver/rfbserver.c from LibVNCServer, which is bundled by vino, has a divide by zero issue which could result in denial of service (CVE-2020-25708).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
https://ubuntu.com/security/notices/USN-4636-1
========================

Updated packages in core/updates_testing:
========================
vino-3.22.0-3.3.mga7

from vino-3.22.0-3.3.mga7.src.rpm
Assignee: pkg-bugs => qa-bugs
Summary: vino new security issue CVE-2020-25708 (and possibly others) => vino new security issue CVE-2020-25708
MGA7-64 MATE on Peaq C1011
No installation issues.
Ref bug 26882 Comment 5 for tests (again, no Gnome desktop on this notebook).
Note that the command to set the vnc password is dconf-editor (I had to install it, not being there by default).

# /usr/libexec/vino-server
21/11/2020 15:38:06 Autoprobing TCP port in (all) network interface
21/11/2020 15:38:06 Listening IPv6://[::]:5900
21/11/2020 15:38:06 Listening IPv4://0.0.0.0:5900
21/11/2020 15:38:06 Autoprobing selected port 5900
21/11/2020 15:38:06 Advertising security type: 'TLS' (18)
21/11/2020 15:38:06 Re-binding socket to listen for VNC connections on TCP port 5900 in (all) interface
21/11/2020 15:38:06 Listening IPv6://[::]:5900
21/11/2020 15:38:06 Listening IPv4://0.0.0.0:5900
21/11/2020 15:38:06 Clearing securityTypes
21/11/2020 15:38:06 Advertising security type: 'TLS' (18)
21/11/2020 15:38:06 Clearing securityTypes
21/11/2020 15:38:06 Advertising security type: 'TLS' (18)
21/11/2020 15:38:06 Advertising authentication type: 'No Authentication' (1)
21/11/2020 15:38:06 Re-binding socket to listen for VNC connections on TCP port 5900 in (all) interface
21/11/2020 15:38:06 Listening IPv6://[::]:5900
21/11/2020 15:38:06 Listening IPv4://0.0.0.0:5900
21/11/2020 15:38:58 [IPv6] Got connection from client localhost
21/11/2020 15:38:58 other clients:
21/11/2020 15:38:58 Client Protocol Version 3.7
21/11/2020 15:38:58 Advertising security type 18
21/11/2020 15:38:58 Client returned security type 18
21/11/2020 15:38:59 Advertising authentication type 1
21/11/2020 15:38:59 Client returned authentication type 1
21/11/2020 15:40:46 [IPv6] Got connection from client localhost
etc....

Same remark about using vinagre: it connects, but that's it.

Also:
$ netstat -nl | grep 5900
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN
tcp6 0 0 :::5900 :::* LISTEN

As good as can be here.
CC: (none) => herman.viaene
Whiteboard: (none) => MGA7-64-OK
Validating. Advisory in Comment 8.
Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs
Advisory pushed to SVN.
Keywords: (none) => advisory
CC: (none) => ouaurelien
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0439.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED