Bug#969190: libvncserver 0.9.11+dfsg-1.3+deb10u4 flagged for acceptance

To: 969190@bugs.debian.org
Cc: 969190-submitter@bugs.debian.org
Subject: Bug#969190: libvncserver 0.9.11+dfsg-1.3+deb10u4 flagged for acceptance
From: Adam D Barratt <adam@adam-barratt.org.uk>
Date: Sat, 19 Sep 2020 17:11:57 +0000
Message-id: <[🔎] E1kJgOz-00010O-UT@coccia.debian.org>
Reply-to: Adam D Barratt <adam@adam-barratt.org.uk>, 969190@bugs.debian.org
References: <159865171303.1250.16071642626924924674.reportbug@minobo.das-netzwerkteam.de>

package release.debian.org
tags 969190 = buster pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster.

Thanks for your contribution!

Upload details
==============

Package: libvncserver
Version: 0.9.11+dfsg-1.3+deb10u4

Explanation: libvncclient: bail out if unix socket name would overflow [CVE-2019-20839]; fix pointer aliasing/alignment issue [CVE-2020-14399]; limit max textchat size [CVE-2020-14405]; libvncserver: add missing NULL pointer checks [CVE-2020-14397]; fix pointer aliasing/alignment issue [CVE-2020-14400]; scale: cast to 64 bit before shifting [CVE-2020-14401]; prevent OOB accesses [CVE-2020-14402 CVE-2020-14403 CVE-2020-14404]

Reply to:

Follow-Ups:
- Processed: libvncserver 0.9.11+dfsg-1.3+deb10u4 flagged for acceptance
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Bug#969730: marked as done (release.debian.org: transition: actor-framework 0.17)
Next by Date: Processed: libvncserver 0.9.11+dfsg-1.3+deb10u4 flagged for acceptance
Previous by thread: Processed: Re: Bug#969066: buster-pu: package dovecot/1:2.3.4.1-5+deb10u4
Next by thread: Processed: libvncserver 0.9.11+dfsg-1.3+deb10u4 flagged for acceptance
Index(es):
- Date
- Thread