openSUSE Security Update : LibVNCServer (openSUSE-2015-851)
High Nessus Plugin ID 87389
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe LibVNCServer package was updated to fix the following security issues :
- bsc#897031: fix several security issues :
- CVE-2014-6051: Integer overflow in MallocFrameBuffer() on client side.
- CVE-2014-6052: Lack of malloc() return value checking on client side.
- CVE-2014-6053: Server crash on a very large ClientCutText message.
- CVE-2014-6054: Server crash when scaling factor is set to zero.
- CVE-2014-6055: Multiple stack overflows in File Transfer feature.
- bsc#854151: Restrict the SSL cipher suite.
SolutionUpdate the affected LibVNCServer packages.