Security Information / 2011 / Security Information -- DSA-2238-1 vino

Debian Security Advisory

DSA-2238-1 vino -- several vulnerabilities

Date Reported:

19 May 2011

Affected Packages:

vino

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2011-0904, CVE-2011-0905.

More information:

Kevin Chen discovered that incorrect processing of framebuffer requests in the Vino VNC server could lead to denial of service.

For the stable distribution (squeeze), this problem has been fixed in version 2.28.2-2+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 2.28.2-3.

We recommend that you upgrade your vino packages.