Bug 3308 - [UPDATE REQUEST] [UPSTREAM UPDATE] vino
: [UPDATE REQUEST] [UPSTREAM UPDATE] vino
Status: RESOLVED FIXED
Product: Server Bugs
Classification: ROSA Server
Component: Main Packages
: unspecified
: All Linux
: Normal normal
: ---
Assigned To: Andrew Lukoshko
: ROSA Server Bugs
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-12-02 19:34 MSK by Andrew Lukoshko
Modified: 2014-01-10 10:26 MSK (History)
1 user (show)

See Also:
RPM Package:
ISO-related:
Bad POT generating:
Upstream:
vladimir.potapov: qa_verified+
andrew.lukoshko: published_server+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Lukoshko 2013-12-02 19:34:25 MSK
A denial of service flaw was found in the way Vino handled certain
authenticated requests from clients that were in the deferred state. A
remote attacker could use this flaw to make the vino-server process enter
an infinite loop when processing those incoming requests. (CVE-2013-5745)

http://rhn.redhat.com/errata/RHSA-2013-1452.html

https://abf.rosalinux.ru/build_lists/1391218
https://abf.rosalinux.ru/build_lists/1391219
Comment 1 Vladimir Potapov 2013-12-10 17:55:54 MSK
vino-2.28.1-9.res6
************************** RHEL Advisory *************************
A denial of service flaw was found in the way Vino handled certain
authenticated requests from clients that were in the deferred state. A
remote attacker could use this flaw to make the vino-server process enter
an infinite loop when processing those incoming requests. (CVE-2013-5745)
******************************************************************
QA Verified