Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2024-021-01
HistoryJan 21, 2024 - 8:53 p.m.

[slackware-security] tigervnc

2024-01-2120:53:54
Slackware Linux Project
www.slackware.com
9
slackware
tigervnc
security fixes
package upgrade
x86_64
-current
installation
ftp hosting
cve-2023-6377
cve-2023-6478
cve-2023-6816
cve-2024-0229
cve-2024-0408
cve-2024-0409
cve-2024-21885
cve-2024-21886
osu open source lab

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.273 Low

EPSS

Percentile

96.8%

JSON

New tigervnc packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:

extra/tigervnc/tigervnc-1.12.0-i586-5_slack15.0.txz: Rebuilt.
Recompiled against xorg-server-1.20.14, including the latest patches for
several security issues. Thanks to marav.
For more information, see:
https://vulners.com/cve/CVE-2023-6377
https://vulners.com/cve/CVE-2023-6478
https://vulners.com/cve/CVE-2023-6816
https://vulners.com/cve/CVE-2024-0229
https://vulners.com/cve/CVE-2024-0408
https://vulners.com/cve/CVE-2024-0409
https://vulners.com/cve/CVE-2024-21885
https://vulners.com/cve/CVE-2024-21886
https://vulners.com/cve/CVE-2024-21886
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/tigervnc/tigervnc-1.12.0-i586-5_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/tigervnc/tigervnc-1.12.0-x86_64-5_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/extra/tigervnc/tigervnc-1.13.1-i586-3.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/extra/tigervnc/tigervnc-1.13.1-x86_64-3.txz

MD5 signatures:

Slackware 15.0 package:
13a4377260bd096461166e37ca16afe7 tigervnc-1.12.0-i586-5_slack15.0.txz

Slackware x86_64 15.0 package:
a942377a4d2c2b4b80a556eb81e5d97f tigervnc-1.12.0-x86_64-5_slack15.0.txz

Slackware -current package:
2716715cb2d3d87c4eeb0141d2e1b7ae tigervnc-1.13.1-i586-3.txz

Slackware x86_64 -current package:
2cd2eb06417478d62768c6f0a67f9550 tigervnc-1.13.1-x86_64-3.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg tigervnc-1.12.0-i586-5_slack15.0.txz

Related

openvas 40
nessus 81
osv 17
fedora 5
ubuntu 5
centos 3
slackware 1
debian 2
redos 1
oraclelinux 10
almalinux 6
mageia 2
amazon 3
redhat 18
rosalinux 2
freebsd 1
gentoo 1
rocky 1
openvas
openvas
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1254)
2024-03-12 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1352)
2024-03-13 00:00:00
Huawei EulerOS: Security Advisory for xorg-x11-server (EulerOS-SA-2024-1232)
2024-03-12 00:00:00
nessus
nessus
Slackware Linux 15.0 / current tigervnc Multiple Vulnerabilities (SSA:2024-021-01)
2024-01-21 00:00:00
EulerOS 2.0 SP11 : xorg-x11-server (EulerOS-SA-2024-1232)
2024-03-12 00:00:00
EulerOS 2.0 SP10 : xorg-x11-server (EulerOS-SA-2024-1330)
2024-03-12 00:00:00
osv
osv
xorg-server, xwayland regression
2024-01-30 12:50:20
xorg-server vulnerabilities
2024-03-13 20:19:27
Moderate: xorg-x11-server-Xwayland security update
2024-05-22 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: tigervnc-1.13.1-11.fc39
2024-01-22 01:16:00
[SECURITY] Fedora 39 Update: xorg-x11-server-1.20.14-29.fc39
2024-01-22 01:16:00
[SECURITY] Fedora 39 Update: xorg-x11-server-Xwayland-23.2.4-1.fc39
2024-01-19 02:43:04
ubuntu
ubuntu
X.Org X Server regression
2024-02-01 00:00:00
X.Org X Server vulnerabilities
2024-01-22 00:00:00
X.Org X Server vulnerabilities
2024-03-13 00:00:00
centos
centos
xorg security update
2024-01-26 18:10:28
tigervnc security update
2024-02-05 19:31:03
tigervnc security update
2024-01-12 19:01:36
slackware
slackware
[slackware-security] xorg-server
2024-01-16 20:56:51
debian
debian
[SECURITY] [DLA 3721-1] xorg-server security update
2024-01-25 21:55:22
[SECURITY] [DSA 5603-1] xorg-server security update
2024-01-23 19:51:42
redos
redos
ROS-20240329-09
2024-03-29 00:00:00
oraclelinux
oraclelinux
xorg-x11-server-Xwayland security update
2024-05-02 00:00:00
xorg-x11-server-Xwayland security update
2024-05-23 00:00:00
xorg-x11-server security update
2024-01-22 00:00:00
almalinux
almalinux
Moderate: xorg-x11-server-Xwayland security update
2024-05-22 00:00:00
Moderate: xorg-x11-server-Xwayland security update
2024-04-30 00:00:00
Important: tigervnc security update
2024-01-30 00:00:00
mageia
mageia
Updated x11-server, x11-server-xwayland and tigervnc fix security issues
2024-02-04 05:49:27
Updated x11-server and tigervnc packages fix security vulnerabilities
2024-01-15 01:23:43
amazon
amazon
Important: xorg-x11-server
2024-02-15 03:52:00
Important: xorg-x11-server
2024-04-25 16:04:00
Important: xorg-x11-server
2024-01-03 22:37:00
redhat
redhat
(RHSA-2024:0320) Important: xorg-x11-server security update
2024-01-22 13:27:42
(RHSA-2024:2996) Moderate: xorg-x11-server-Xwayland security update
2024-05-22 06:35:18
(RHSA-2024:2170) Moderate: xorg-x11-server-Xwayland security update
2024-04-30 06:14:56
rosalinux
rosalinux
Advisory ROSA-SA-2024-2351
2024-02-20 09:31:11
Advisory ROSA-SA-2024-2352
2024-02-20 09:34:57
freebsd
freebsd
xorg server -- Multiple vulnerabilities
2024-01-16 00:00:00
gentoo
gentoo
X.Org X Server, XWayland: Multiple Vulnerabilities
2024-01-31 00:00:00
rocky
rocky
tigervnc security update
2024-02-12 20:17:26

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

Low

0.273 Low

EPSS

Percentile

96.8%

JSON
Related for SSA-2024-021-01
openvas40nessus81osv17fedora5ubuntu5centos3slackware1debian2redos1oraclelinux10almalinux6mageia2amazon3redhat18rosalinux2freebsd1gentoo1rocky1