Moderate: tigervnc security, bug fix, and enhancement update

2021-05-1806:04:56

errata.almalinux.org

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

JSON

Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients.

The following packages have been upgraded to a later upstream version: tigervnc (1.11.0). (BZ#1880985)

Security Fix(es):

tigervnc: certificate exceptions stored as authorities (CVE-2020-26117)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
almalinux8x86_64tigervnc< 1.11.0-6.el8tigervnc-1.11.0-6.el8.x86_64.rpm
almalinux8noarchtigervnc-icons< 1.11.0-6.el8tigervnc-icons-1.11.0-6.el8.noarch.rpm
almalinux8noarchtigervnc-license< 1.11.0-6.el8tigervnc-license-1.11.0-6.el8.noarch.rpm
almalinux8noarchtigervnc-selinux< 1.11.0-6.el8tigervnc-selinux-1.11.0-6.el8.noarch.rpm
almalinux8x86_64tigervnc-server< 1.11.0-6.el8tigervnc-server-1.11.0-6.el8.x86_64.rpm
almalinux8x86_64tigervnc-server-minimal< 1.11.0-6.el8tigervnc-server-minimal-1.11.0-6.el8.x86_64.rpm
almalinux8x86_64tigervnc-server-module< 1.11.0-6.el8tigervnc-server-module-1.11.0-6.el8.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	8	x86_64	tigervnc	< 1.11.0-6.el8	tigervnc-1.11.0-6.el8.x86_64.rpm
almalinux	8	noarch	tigervnc-icons	< 1.11.0-6.el8	tigervnc-icons-1.11.0-6.el8.noarch.rpm
almalinux	8	noarch	tigervnc-license	< 1.11.0-6.el8	tigervnc-license-1.11.0-6.el8.noarch.rpm
almalinux	8	noarch	tigervnc-selinux	< 1.11.0-6.el8	tigervnc-selinux-1.11.0-6.el8.noarch.rpm
almalinux	8	x86_64	tigervnc-server	< 1.11.0-6.el8	tigervnc-server-1.11.0-6.el8.x86_64.rpm
almalinux	8	x86_64	tigervnc-server-minimal	< 1.11.0-6.el8	tigervnc-server-minimal-1.11.0-6.el8.x86_64.rpm
almalinux	8	x86_64	tigervnc-server-module	< 1.11.0-6.el8	tigervnc-server-module-1.11.0-6.el8.x86_64.rpm