MGASA-2013-0028
| Date: | February 6th, 2013 |
| Affected releases: | 2 |
| Media: | Core |
Description:
Updated vino package fixes security vulnerability:
It was found that Vino transmitted all clipboard activity on the system
running Vino to all clients connected to port 5900, even those who had not
authenticated. A remote attacker who is able to access port 5900 on a
system running Vino could use this flaw to read clipboard data without
authenticating (CVE-2012-4429).
Updated Packages:
i586:
vino-3.4.2-1.1.mga2.i586.rpm
vino-debug-3.4.2-1.1.mga2.i586.rpm
x86_64:
vino-3.4.2-1.1.mga2.x86_64.rpm
vino-debug-3.4.2-1.1.mga2.x86_64.rpm
SRPMS:
vino-3.4.2-1.1.mga2.src.rpm
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4429
https://rhn.redhat.com/errata/RHSA-2013-0169.html
https://bugs.mageia.org/show_bug.cgi?id=8782
