tigervnc-1.11.0-6.el8
エラータID: AXSA:2021-2102:03
リリース日:
2021/06/29 Tuesday - 13:23
題名:
tigervnc-1.11.0-6.el8
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
[Security Fix]
- TigerVNC の rfb/CSecurityTLS.cxx と rfb/CSecurityTLS.java には 例外として
TLS 証明書を処理する際に、誤ってその証明書を認証局として保存する問題があり、
クライアントが例外として証明書を追加した後に、証明書の所有者によってどのよ
うなサーバーにもなりすまされる脆弱性があります。(CVE-2020-26117)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2020-26117
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
追加情報:
N/A
ダウンロード:
SRPMS
- tigervnc-1.11.0-6.el8.src.rpm
MD5: ec97c37fa4514c6ce3e41852eb94cbac
SHA-256: 8900610e95645ecd1f500cd74f41cc5d7a34fb050305d2b17793c803df66eece
Size: 1.35 MB
Asianux Server 8 for x86_64
- tigervnc-1.11.0-6.el8.x86_64.rpm
MD5: 8be49c52af0a1366da40d06d9243914b
SHA-256: d9f212c4ad2603777db6c5f27773d6109473280568fd3ad4b2aa219f7ff0e42b
Size: 299.02 kB - tigervnc-icons-1.11.0-6.el8.noarch.rpm
MD5: 0dabb2fed9a76634b9d5032135f9fd13
SHA-256: e7e56183708138c6652c53b98108e4989f6226b13d1355850eef58ac9f8fe714
Size: 47.23 kB - tigervnc-license-1.11.0-6.el8.noarch.rpm
MD5: 03b2fa9eccecf00df65fb4d0185fbe73
SHA-256: 165d1ec6569753096ad958a539689ce284a5f533973f4602805a288f440b53f0
Size: 37.62 kB - tigervnc-selinux-1.11.0-6.el8.noarch.rpm
MD5: 9197b30bc1314adc553fb844383453e1
SHA-256: df799a617f2675391767f4c498b440748bd50968314b80e3f5310ddebe5b6cd9
Size: 46.16 kB - tigervnc-server-1.11.0-6.el8.x86_64.rpm
MD5: f6bc4e10906b179ebd6899a2bb933522
SHA-256: bb2a653a51a9426ccc3699728be264a151057fd98e16d32628de8b26585ef31f
Size: 268.71 kB - tigervnc-server-minimal-1.11.0-6.el8.x86_64.rpm
MD5: 8eab1cc4f623bc90543b82ad15db51cd
SHA-256: f1ee3440cb62bfd0bb14052627a0cc027b635517b5da23c34db51c0e9d9b3827
Size: 1.11 MB - tigervnc-server-module-1.11.0-6.el8.x86_64.rpm
MD5: 51ecb3c820e216349c417570dec68902
SHA-256: 12d68382256f0498381c0656c24f5a08a2aa0a5f967547d0756080b6c8af8f84
Size: 252.84 kB