| Package | libvncserver |
|---|---|
| Version | 0.9.11+dfsg-1.3~deb9u7 (stretch) |
| Related CVEs | CVE-2020-29260 |
An issue has been found in libvncserver, a library to write one’s own VNC server. Due to a memory leak in function rfbClientCleanup() a remote attacker might be able to cause a denial of service.
For Debian 9 stretch, these problems have been fixed in version 0.9.11+dfsg-1.3~deb9u7.
We recommend that you upgrade your libvncserver packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.