Description
[0.9.7-7.1]
- Fix CVE-2014-6051 (integer overflow in screen size handling) (bug #1157668)
- Fix CVE-2014-6052 (NULL pointer dereference in framebuffer setup)
(bug #1157668)
- Fix CVE-2014-6053 (NULL pointer dereference in ClientCutText message
handling) (bug #1157668)
- Fix CVE-2014-6054 (server divide-by-zero in scaling factor handling)
(bug #1157668)
- Fix CVE-2014-6055 (server stacked-based buffer overflow in file transfer
handling) (bug #1157668)
[0.9.7-7]
- Revert CVE-2011-0904 and CVE-2011-0905 patch because libvncserver is not
vulnerable (bug #696767)
[0.9.7-6]
- Fix CVE-2011-0904 and CVE-2011-0905 in more generic way (bug #696767)
[0.9.7-5]
- Fix CVE-2011-0904 (bug #696767)
- Fix CVE-2011-0905 (bug #696767)