Diffstat (limited to 'user/libvncserver')
-rw-r--r--user/libvncserver/APKBUILD21
-rw-r--r--user/libvncserver/CVE-2018-15127.patch44
-rw-r--r--user/libvncserver/LibVNCServer-0.9.10-system_minilzo.patch67
3 files changed, 13 insertions, 119 deletions
diff --git a/user/libvncserver/APKBUILD b/user/libvncserver/APKBUILD
index 764fec75a..38aa33611 100644
--- a/user/libvncserver/APKBUILD
+++ b/user/libvncserver/APKBUILD
@@ -1,8 +1,8 @@
-# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
+# Contributor: Sergey Lukin <sergej.lukin@gmail.com>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: A. Wilcox <awilfox@adelielinux.org>
pkgname=libvncserver
-pkgver=0.9.12
+pkgver=0.9.13
pkgrel=0
pkgdesc="Library to make writing a vnc server easy"
url="https://libvnc.github.io/"
@@ -12,10 +12,9 @@ depends=""
depends_dev="libgcrypt-dev libjpeg-turbo-dev gnutls-dev libpng-dev
libice-dev libx11-dev libxdamage-dev libxext-dev libxfixes-dev
libxi-dev libxinerama-dev libxrandr-dev libxtst-dev"
-makedepends="$depends_dev autoconf automake libtool"
+makedepends="$depends_dev cmake"
subpackages="$pkgname-dev"
-source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz
- CVE-2018-15127.patch"
+source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz"
builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver
# secfixes:
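Review bot: `depends_dev` in this hunk lists no LZO development package, and this commit also deletes the autotools-era system_minilzo patch, so the library is presumably built against the minilzo copy bundled in the upstream tarball. A bundled copy does not pick up fixes shipped through the distribution's own LZO package. If upstream's CMake build can link a system LZO, add the matching -dev package to `depends_dev`. Otherwise a comment above `source=` such as `# uses bundled minilzo; track LZO advisories against this package too` would record the exposure.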
@@ -24,6 +23,12 @@ builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver
# - CVE-2016-9942
# 0.9.12-r0:
# - CVE-2018-15127
+# 0.9.12-r1:
+# - CVE-2019-15681
+# - CVE-2019-15690
+# 0.9.13-r0:
+# - CVE-2019-20788
+# - CVE-2020-14401
build() {
if [ "$CBUILD" != "$CHOST" ]; then
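Review bot: The new `# 0.9.12-r1:` secfixes entry names a package release that this diff gives no sign ever existed: the pre-image is pkgver=0.9.12 with pkgrel=0, and the commit moves straight to 0.9.13-r0. Tooling that reads secfixes to decide which versions are fixed would treat 0.9.12-r1 as the first fixed build for CVE-2019-15681 and CVE-2019-15690, although no backport patch for either is present in `source`. Unless an r1 was published from another branch, list both under `# 0.9.13-r0:` so the first fixed version in this tree is recorded accurately. It is also worth cross-checking the 0.9.13-r0 list against the upstream release notes in case more than the two listed CVEs were fixed.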
@@ -31,11 +36,12 @@ build() {
fi
cmake \
-DCMAKE_INSTALL_PREFIX=/usr \
+ -DCMAKE_INSTALL_LIBDIR=lib \
-DBUILD_SHARED_LIBS=True \
-DCMAKE_BUILD_TYPE=RelWithDebugInfo \
-DCMAKE_CXX_FLAGS="$CXXFLAGS" \
-DCMAKE_C_FLAGS="$CFLAGS" \
- ${CMAKE_CROSSOPTS}
+ ${CMAKE_CROSSOPTS} .
make
}
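Review bot: `-DCMAKE_BUILD_TYPE=RelWithDebugInfo`, on a context line of this hunk, is not one of CMake's built-in configurations; the built-in name is `RelWithDebInfo`. With an unrecognised type CMake adds no per-configuration flags, so the build gets only what `$CFLAGS` and `$CXXFLAGS` carry, meaning optimisation and debug info depend entirely on the environment. Since this commit already touches the invocation, either change the line to `-DCMAKE_BUILD_TYPE=RelWithDebInfo` or add a comment above the `cmake` call stating that the flags intentionally come from `CFLAGS` alone. The body of build() starts above this hunk.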
@@ -48,5 +54,4 @@ package() {
make install DESTDIR="$pkgdir"
}
-sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 LibVNCServer-0.9.12.tar.gz
-8b5b6742e6c3a181c60652484b15ec42cc0a3acc1e82cef38e82b61f43f1de456d09731976f4e5dfab44abf3e551e22aaf4300cb8418cd8e136d705fcb2a7dbe CVE-2018-15127.patch"
+sha512sums="18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643 LibVNCServer-0.9.13.tar.gz"
diff --git a/user/libvncserver/CVE-2018-15127.patch b/user/libvncserver/CVE-2018-15127.patch
deleted file mode 100644
index 146243670..000000000
--- a/user/libvncserver/CVE-2018-15127.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Mon, 7 Jan 2019 10:40:01 +0100
-Subject: [PATCH] Limit lenght to INT_MAX bytes in
- rfbProcessFileTransferReadBuffer()
-
-This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap
-out-of-bound write access in rfbProcessFileTransferReadBuffer() when
-reading a transfered file content in a server. The former fix did not
-work on platforms with a 32-bit int type (expected by rfbReadExact()).
-
-CVE-2018-15127
-<https://github.com/LibVNC/libvncserver/issues/243>
-<https://github.com/LibVNC/libvncserver/issues/273>
----
- libvncserver/rfbserver.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 7af84906..f2edbeea 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -88,6 +88,8 @@
- #include <errno.h>
- /* strftime() */
- #include <time.h>
-+/* INT_MAX */
-+#include <limits.h>
-
- #ifdef LIBVNCSERVER_WITH_WEBSOCKETS
- #include "rfbssl.h"
-@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length)
- 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF
- will safely be allocated since this check will never trigger and malloc() can digest length+1
- without problems as length is a uint32_t.
-+ We also later pass length to rfbReadExact() that expects a signed int type and
-+ that might wrap on platforms with a 32-bit int type if length is bigger
-+ than 0X7FFFFFFF.
- */
-- if(length == SIZE_MAX) {
-+ if(length == SIZE_MAX || length > INT_MAX) {
- rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length);
- rfbCloseClient(cl);
- return NULL;
diff --git a/user/libvncserver/LibVNCServer-0.9.10-system_minilzo.patch b/user/libvncserver/LibVNCServer-0.9.10-system_minilzo.patch
deleted file mode 100644
index 34e789bba..000000000
--- a/user/libvncserver/LibVNCServer-0.9.10-system_minilzo.patch
+++ /dev/null
@@ -1,67 +0,0 @@
-diff -up LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncclient/Makefile.am
---- LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500
-+++ LibVNCServer-0.9.10/libvncclient/Makefile.am 2014-04-29 08:56:27.861761880 -0500
-@@ -13,10 +13,10 @@ endif
- endif
-
-
--libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c ../common/minilzo.c $(TLSSRCS)
--libvncclient_la_LIBADD=$(TLSLIBS) $(VA_LIBS)
-+libvncclient_la_SOURCES=cursor.c listen.c rfbproto.c sockets.c vncviewer.c $(TLSSRCS)
-+libvncclient_la_LIBADD=$(TLSLIBS) $(VA_LIBS) -lminilzo
-
--noinst_HEADERS=../common/lzodefs.h ../common/lzoconf.h ../common/minilzo.h tls.h
-+noinst_HEADERS=tls.h
-
- rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c
-
-diff -up LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.10/libvncclient/rfbproto.c
---- LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500
-+++ LibVNCServer-0.9.10/libvncclient/rfbproto.c 2014-04-29 08:39:57.638331693 -0500
-@@ -61,7 +61,7 @@
- #include <gcrypt.h>
- #endif
-
--#include "minilzo.h"
-+#include <lzo/minilzo.h>
- #include "tls.h"
-
- /*
-diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncserver/Makefile.am
---- LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500
-+++ LibVNCServer-0.9.10/libvncserver/Makefile.am 2014-04-29 08:39:57.638331693 -0500
-@@ -37,7 +37,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc
-
- noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \
- zrlepalettehelper.h zrletypes.h private.h scale.h rfbssl.h rfbcrypto.h \
-- ../common/minilzo.h ../common/lzoconf.h ../common/lzodefs.h ../common/md5.h ../common/sha1.h \
-+ ../common/md5.h ../common/sha1.h \
- $(TIGHTVNCFILETRANSFERHDRS)
-
- EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \
-@@ -54,11 +54,11 @@ endif
- LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \
- stats.c corre.c hextile.c rre.c translate.c cutpaste.c \
- httpd.c cursor.c font.c \
-- draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ../common/minilzo.c ultra.c scale.c \
-+ draw.c selbox.c ../common/d3des.c ../common/vncauth.c cargs.c ultra.c scale.c \
- $(ZLIBSRCS) $(TIGHTSRCS) $(TIGHTVNCFILETRANSFERSRCS)
-
- libvncserver_la_SOURCES=$(LIB_SRCS)
--libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS)
-+libvncserver_la_LIBADD=$(WEBSOCKETSSSLLIBS) -lminilzo
-
- lib_LTLIBRARIES=libvncserver.la
-
-diff -up LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.10/libvncserver/ultra.c
---- LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500
-+++ LibVNCServer-0.9.10/libvncserver/ultra.c 2014-04-29 08:39:57.638331693 -0500
-@@ -8,7 +8,7 @@
- */
-
- #include <rfb/rfb.h>
--#include "minilzo.h"
-+#include <lzo/minilzo.h>
-
- /*
- * cl->beforeEncBuf contains pixel data in the client's format.