Security Advisory Moderate: tigervnc security and bug fix update

Advisory: RHSA-2017:0630-1
Type: Security Advisory
Severity: Moderate
Issued on: 2017-03-21
Last updated on: 2017-03-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2016-10207, CVE-2017-5581

Details

An update for tigervnc is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Virtual Network Computing (VNC) is a remote display system which allows users to
view a computing desktop environment not only on the machine where it is
running, but from anywhere on the Internet and from a wide variety of machine
architectures. TigerVNC is a suite of VNC servers and clients. The tigervnc
packages contain a client which allows users to connect to other desktops
running a VNC server.

Security Fix(es):

* A denial of service flaw was found in TigerVNC's Xvnc server. A remote
unauthenticated attacker could use this flaw to make Xvnc crash by terminating
the TLS handshake process early. (CVE-2016-10207)

* A buffer overflow flaw, leading to memory corruption, was found in the TigerVNC
viewer. A remote malicious VNC server could use this flaw to crash the client
vncviewer process, resulting in denial of service. (CVE-2017-5581)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise
Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked
from the References section.


Solution

For details on how to apply this update, which includes the changes described in
this advisory, refer to:

https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
tigervnc-1.1.0-24.el6.src.rpm

IA-32:
tigervnc-1.1.0-24.el6.i686.rpm
tigervnc-debuginfo-1.1.0-24.el6.i686.rpm
tigervnc-server-1.1.0-24.el6.i686.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.i686.rpm

x86_64:
tigervnc-1.1.0-24.el6.x86_64.rpm
tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm
tigervnc-server-1.1.0-24.el6.x86_64.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.x86_64.rpm
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
tigervnc-1.1.0-24.el6.src.rpm

x86_64:
tigervnc-1.1.0-24.el6.x86_64.rpm
tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm
tigervnc-server-1.1.0-24.el6.x86_64.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.x86_64.rpm
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
tigervnc-1.1.0-24.el6.src.rpm

IA-32:
tigervnc-1.1.0-24.el6.i686.rpm
tigervnc-debuginfo-1.1.0-24.el6.i686.rpm
tigervnc-server-1.1.0-24.el6.i686.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.i686.rpm

PPC:
tigervnc-1.1.0-24.el6.ppc64.rpm
tigervnc-debuginfo-1.1.0-24.el6.ppc64.rpm
tigervnc-server-1.1.0-24.el6.ppc64.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.ppc64.rpm

s390x:
tigervnc-1.1.0-24.el6.s390x.rpm
tigervnc-debuginfo-1.1.0-24.el6.s390x.rpm
tigervnc-server-1.1.0-24.el6.s390x.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm

x86_64:
tigervnc-1.1.0-24.el6.x86_64.rpm
tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm
tigervnc-server-1.1.0-24.el6.x86_64.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.x86_64.rpm
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
tigervnc-1.1.0-24.el6.src.rpm

IA-32:
tigervnc-1.1.0-24.el6.i686.rpm
tigervnc-debuginfo-1.1.0-24.el6.i686.rpm
tigervnc-server-1.1.0-24.el6.i686.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.i686.rpm

x86_64:
tigervnc-1.1.0-24.el6.x86_64.rpm
tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm
tigervnc-server-1.1.0-24.el6.x86_64.rpm
tigervnc-server-applet-1.1.0-24.el6.noarch.rpm
tigervnc-server-module-1.1.0-24.el6.x86_64.rpm
 
(The unlinked packages above are only available from the Red Hat Network)
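
A check an administrator might run after applying the update, added here as an example and not part of Red Hat's advisory: it flags any installed package from the list above that is older than the fixed build 1.1.0-24.el6. The query format, the simplified version comparison (no epoch, tilde or caret handling) and the sample lines are assumptions constructed for illustration.

```python
import re

# Package names and the fixed version-release come from this advisory's list.
ADVISORY_PACKAGES = {"tigervnc", "tigervnc-debuginfo", "tigervnc-server",
                     "tigervnc-server-applet", "tigervnc-server-module"}
FIXED_VERSION, FIXED_RELEASE = "1.1.0", "24.el6"


def rpmvercmp(a, b):
    """Segment-wise compare in the style of rpm (tilde/caret rules omitted)."""
    sa = re.findall(r"\d+|[A-Za-z]+", a)
    sb = re.findall(r"\d+|[A-Za-z]+", b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # numeric segment beats alphabetic
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))


def outdated(query_output):
    """Return (name, version-release, arch) for packages older than the fix.

    Expects the output of:
      rpm -qa --qf '%{NAME} %{VERSION} %{RELEASE} %{ARCH}\\n'
    Epoch is not compared (assumed unchanged between builds).
    """
    stale = []
    for line in query_output.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[0] not in ADVISORY_PACKAGES:
            continue
        name, version, release, arch = fields
        order = rpmvercmp(version, FIXED_VERSION) or rpmvercmp(release, FIXED_RELEASE)
        if order < 0:
            stale.append((name, f"{version}-{release}", arch))
    return stale


# Constructed sample query output (not from a real host).
SAMPLE = """\
tigervnc 1.1.0 18.el6 x86_64
tigervnc-server 1.1.0 24.el6 x86_64
tigervnc-server-module 1.1.0 24.el6_9.1 x86_64
bash 4.1.2 48.el6 x86_64
"""

if __name__ == "__main__":
    for name, vr, arch in outdated(SAMPLE):
        print(f"{name}-{vr}.{arch} is older than {FIXED_VERSION}-{FIXED_RELEASE}")
```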

Bugs fixed (see bugzilla for more information)

1323065 - tigervnc cannot build against xorg-x11-server-source
1378922 - tigervnc-server needs to be rebuilt to re-enable listen-on-tcp behavior in RHEL 6.8
1390458 - New version of tigervnc-server disconnects Xsession when initiated from xinetd
1415712 - CVE-2017-5581 tigervnc: Buffer overflow in ModifiablePixelBuffer::fillRect
1418761 - CVE-2016-10207 tigervnc: VNC server can crash when TLS handshake terminates early


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/