Important product security update: Virtuozzo 6.0 Update 12 Hotfix 49 (6.0.12-3754)¶
Issue date: 2019-12-06
Applies to: Virtuozzo 6.0
Virtuozzo Advisory ID: VZA-2019-093
1. Overview¶
This update provides a security and a stability fix.
2. Security Fixes¶
[Important] libVNCServer-0.9.10 contains a memory leak in VNC server code, which may allow an attacker to read stack memory. (CVE-2019-15681, PSBM-99817)
3. Bug Fixes¶
prl_vzvncserver_app could generate 100% CPU core load, preventing access to VNC console. (PSBM-97140)
4. Installing the Update¶
Install the update by running ‘yum update’.
The JSON file with the list of new and updated packages is available at https://docs.virtuozzo.com/vza/VZA-2019-093.json.
Nov 18, 2024