{"id":"MGASA-2020-0042","summary":"Updated tigervnc packages fix security vulnerabilities","details":"Updated tigervnc packages fix security vulnerabilities:\n\nThe tigervnc package has been updated to version 1.10.1 to fix multiple\nunspecified security issues. These issues affect both the client and server\nand could theoretically allow an malicious peer to take control over the\nsoftware on the other side. No working exploit is known at this time, and\nthe issues require the peer to first be authenticated (CVE-2019-15691,\nCVE-2019-15692, CVE-2019-15693, CVE-2019-15694, CVE-2019-15695).\n","modified":"2026-04-16T04:42:08.912471483Z","published":"2020-01-19T10:11:05Z","upstream":["CVE-2019-15691","CVE-2019-15692","CVE-2019-15693","CVE-2019-15694","CVE-2019-15695"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0042.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25917"},{"type":"WEB","url":"https://github.com/TigerVNC/tigervnc/releases/tag/v1.10.1"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2019/12/20/2"}],"affected":[{"package":{"name":"tigervnc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/tigervnc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.10.1-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0042.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}