Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 2 Feb 2017 14:11:56 +0100
From: Matthias Gerstner <>
Subject: CVE request tigervnc: vnc server can crash when TLS handshake
 terminates early


the Xvnc server from tigervnc can crash when a client terminates a TLS
connection early. This is due to invalid initialization/deinitialization
order of the GnuTLS library.

Upstream commit:


This issue was reported/found by Ruediger Meier, Michal Srb (SUSE

Matthias Gerstner <>
Dipl.-Wirtsch.-Inf. (FH), Security Engineer
Telefon: +49 911 740 53 290

SUSE Linux GmbH 
GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nuernberg)

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.