Ubuntu 3877-1: LibVNCServer vulnerabilities
Summary
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libvncclient1 0.9.11+dfsg-1.1ubuntu0.1 libvncserver1 0.9.11+dfsg-1.1ubuntu0.1 Ubuntu 18.04 LTS: libvncclient1 0.9.11+dfsg-1ubuntu1.1 libvncserver1 0.9.11+dfsg-1ubuntu1.1 Ubuntu 16.04 LTS: libvncclient1 0.9.10+dfsg-3ubuntu0.16.04.3 libvncserver1 0.9.10+dfsg-3ubuntu0.16.04.3 Ubuntu 14.04 LTS: libvncserver0 0.9.9+dfsg-1ubuntu1.4 After a standard system update you need to restart LibVNCServer applications to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-3877-1
CVE-2018-15126, CVE-2018-15127, CVE-2018-20019, CVE-2018-20020,
CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024,
CVE-2018-20748, CVE-2018-20749, CVE-2018-20750, CVE-2018-6307
Package Information
https://launchpad.net/ubuntu/+source/libvncserver/0.9.11+dfsg-1.1ubuntu0.1 https://launchpad.net/ubuntu/+source/libvncserver/0.9.11+dfsg-1ubuntu1.1 https://launchpad.net/ubuntu/+source/libvncserver/0.9.10+dfsg-3ubuntu0.16.04.3 https://launchpad.net/ubuntu/+source/libvncserver/0.9.9+dfsg-1ubuntu1.4