Synopsis: Moderate: tigervnc and fltk security, bug fix, and Advisory ID: SLSA-2017:2000-1 Issue Date: 2017-08-01 CVE Numbers: CVE-2017-5581 CVE-2016-10207 CVE-2017-7392 CVE-2017-7393 CVE-2017-7394 CVE-2017-7395 CVE-2017-7396 -- FLTK (pronounced "fulltick") is a cross-platform C++ GUI toolkit. It provides modern GUI functionality without the bloat, and supports 3D graphics via OpenGL and its built-in GLUT emulation. The following packages have been upgraded to a later upstream version: tigervnc (1.8.0), fltk (1.3.4). Security Fix(es): * A denial of service flaw was found in the TigerVNC's Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by terminating the TLS handshake process early. (CVE-2016-10207) * A double free flaw was found in the way TigerVNC handled ClientFence messages. A remote, authenticated attacker could use this flaw to make Xvnc crash by sending specially crafted ClientFence messages, resulting in denial of service. (CVE-2017-7393) * A missing input sanitization flaw was found in the way TigerVNC handled credentials. A remote unauthenticated attacker could use this flaw to make Xvnc crash by sending specially crafted usernames, resulting in denial of service. (CVE-2017-7394) * An integer overflow flaw was found in the way TigerVNC handled ClientCutText messages. A remote, authenticated attacker could use this flaw to make Xvnc crash by sending specially crafted ClientCutText messages, resulting in denial of service. (CVE-2017-7395) * A buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer. A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service. (CVE-2017-5581) * A memory leak flaw was found in the way TigerVNC handled termination of VeNCrypt connections. A remote unauthenticated attacker could repeatedly send connection requests to the Xvnc server, causing it to consume large amounts of memory resources over time, and ultimately leading to a denial of service due to memory exhaustion. (CVE-2017-7392) * A memory leak flaw was found in the way TigerVNC handled client connections. A remote unauthenticated attacker could repeatedly send connection requests to the Xvnc server, causing it to consume large amounts of memory resources over time, and ultimately leading to a denial of service due to memory exhaustion. (CVE-2017-7396) -- SL7 x86_64 fltk-1.3.4-1.el7.i686.rpm fltk-1.3.4-1.el7.x86_64.rpm fltk-debuginfo-1.3.4-1.el7.i686.rpm fltk-debuginfo-1.3.4-1.el7.x86_64.rpm tigervnc-1.8.0-1.el7.x86_64.rpm tigervnc-debuginfo-1.8.0-1.el7.x86_64.rpm tigervnc-server-1.8.0-1.el7.x86_64.rpm tigervnc-server-minimal-1.8.0-1.el7.x86_64.rpm fltk-devel-1.3.4-1.el7.i686.rpm fltk-devel-1.3.4-1.el7.x86_64.rpm fltk-fluid-1.3.4-1.el7.x86_64.rpm fltk-static-1.3.4-1.el7.i686.rpm fltk-static-1.3.4-1.el7.x86_64.rpm tigervnc-server-module-1.8.0-1.el7.x86_64.rpm noarch tigervnc-icons-1.8.0-1.el7.noarch.rpm tigervnc-license-1.8.0-1.el7.noarch.rpm tigervnc-server-applet-1.8.0-1.el7.noarch.rpm - Scientific Linux Development Team