Package "libvncserver-dev"
| Name: |
libvncserver-dev
|
Description: |
API to write one's own VNC server - development files
|
| Latest version: |
0.9.15+dfsg-1ubuntu0.1 |
| Release: |
questing (25.10) |
| Level: |
updates |
| Repository: |
main |
| Head package: |
libvncserver |
| Homepage: |
http://libvnc.github.io |
Links
Download "libvncserver-dev"
Other versions of "libvncserver-dev" in Questing
Changelog
|
libvncserver (0.9.15+dfsg-1ubuntu0.1) questing-security; urgency=medium
* SECURITY UPDATE: Heap Out-of-Bounds Read in HandleUltraZipBPP
- debian/patches/CVE-2026-32853.patch: libvncclient: add bounds checks to
UltraZip subrectangle parsing in src/libvncclient/ultra.c.
- CVE-2026-32853
* SECURITY UPDATE: NULL pointer dereferences in httpd proxy handlers
- debian/patches/CVE-2026-32854.patch: libvncserver: fix NULL pointer
dereferences in httpd proxy handlers in src/libvncserver/httpd.c.
- CVE-2026-32854
* SECURITY UPDATE: OOB write in Tight Gradient decoding
- debian/patches/CVE-2026-44988.patch: libvncclient: fix Tight gradient
decoding overflow in include/rfb/rfbclient.h, src/libvncclient/tight.c.
- CVE-2026-44988
-- Marc Deslauriers <email address hidden> Mon, 15 Jun 2026 10:52:23 -0400
|
| CVE-2026-32853 |
LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler tha |
| CVE-2026-32854 |
LibVNCServer versions 0.9.15 and prior (fixed in commit dc78dee) contain null pointer dereference vulnerabilities in the HTTP proxy handlers within h |
| CVE-2026-44988 |
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048- |
|
About
-
Send Feedback to @ubuntu_updates
