Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2015-2233)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.122783

Kategorie: Oracle Linux Local Security Checks

Titel: Oracle: Security Advisory (ELSA-2015-2233)

Zusammenfassung: The remote host is missing an update for the 'tigervnc' package(s) announced via the ELSA-2015-2233 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'tigervnc' package(s) announced via the ELSA-2015-2233 advisory.

Vulnerability Insight:
[1.3.1-3]
- Do not mention that display number is required in the file name
Resolves: bz#1195266

[1.3.1-2]
- Resolves: bz#1248422
CVE-2014-8240 CVE-2014-8241 tigervnc: various flaws

[1.3.1-1]
- Drop unnecessary patches
- Re-base to 1.3.1 (bug #1199453)
- Re-build against re-based xserver (bug #1194898)
- Check the return value from XShmAttach (bug #1072733)
- Add missing part of xserver114.patch (bug #1140603)
- Keep pointer in sync (bug #1100661)
- Make input device class global (bug #1119640)
- Add IPv6 support (bug #1162722)
- Set initial mode as preferred (bug #1181287)
- Do not mention that display number is required in the file name (bug #1195266)
- Enable Xinerama extension (bug #1199437)
- Specify full path for runuser command (bug #1208817)

[1.2.80-0.31.20130314svn5065]
- Rebuilt against xorg-x11-server to pick up ppc64le fix (bug #1140424).

Affected Software/OS:
'tigervnc' package(s) on Oracle Linux 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-8240
BugTraq ID: 70391
http://www.securityfocus.com/bid/70391
https://security.gentoo.org/glsa/201612-36
https://bugzilla.redhat.com/show_bug.cgi?id=1151307
http://seclists.org/oss-sec/2014/q4/278
http://seclists.org/oss-sec/2014/q4/300
XForce ISS Database: tigervnc-cve20148240-bo(96947)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96947
Common Vulnerability Exposure (CVE) ID: CVE-2014-8241
BugTraq ID: 70390
http://www.securityfocus.com/bid/70390
RedHat Security Advisories: RHSA-2015:2233
https://rhn.redhat.com/errata/RHSA-2015-2233.html

Copyright Copyright (C) 2015 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.122783
Kategorie:	Oracle Linux Local Security Checks
Titel:	Oracle: Security Advisory (ELSA-2015-2233)
Zusammenfassung:	The remote host is missing an update for the 'tigervnc' package(s) announced via the ELSA-2015-2233 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'tigervnc' package(s) announced via the ELSA-2015-2233 advisory. Vulnerability Insight: [1.3.1-3] - Do not mention that display number is required in the file name Resolves: bz#1195266 [1.3.1-2] - Resolves: bz#1248422 CVE-2014-8240 CVE-2014-8241 tigervnc: various flaws [1.3.1-1] - Drop unnecessary patches - Re-base to 1.3.1 (bug #1199453) - Re-build against re-based xserver (bug #1194898) - Check the return value from XShmAttach (bug #1072733) - Add missing part of xserver114.patch (bug #1140603) - Keep pointer in sync (bug #1100661) - Make input device class global (bug #1119640) - Add IPv6 support (bug #1162722) - Set initial mode as preferred (bug #1181287) - Do not mention that display number is required in the file name (bug #1195266) - Enable Xinerama extension (bug #1199437) - Specify full path for runuser command (bug #1208817) [1.2.80-0.31.20130314svn5065] - Rebuilt against xorg-x11-server to pick up ppc64le fix (bug #1140424). Affected Software/OS: 'tigervnc' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8240 BugTraq ID: 70391 http://www.securityfocus.com/bid/70391 https://security.gentoo.org/glsa/201612-36 https://bugzilla.redhat.com/show_bug.cgi?id=1151307 http://seclists.org/oss-sec/2014/q4/278 http://seclists.org/oss-sec/2014/q4/300 XForce ISS Database: tigervnc-cve20148240-bo(96947) https://exchange.xforce.ibmcloud.com/vulnerabilities/96947 Common Vulnerability Exposure (CVE) ID: CVE-2014-8241 BugTraq ID: 70390 http://www.securityfocus.com/bid/70390 RedHat Security Advisories: RHSA-2015:2233 https://rhn.redhat.com/errata/RHSA-2015-2233.html
Copyright	Copyright (C) 2015 Greenbone AG