diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-11-03 16:06:58 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-11-03 16:06:58 +0000 |
commit | bd4aeefe33e63f613512604e47bfca7b2187697d (patch) | |
tree | adb35b5a9a00ee7ea591ab0c987f70167c23b597 /net-libs/libvncserver | |
parent | 48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff) |
gentoo resync : 03.11.2019
Diffstat (limited to 'net-libs/libvncserver')
7 files changed, 261 insertions, 5 deletions
diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest index 6fef1b804330..5401c12d7417 100644 --- a/net-libs/libvncserver/Manifest +++ b/net-libs/libvncserver/Manifest @@ -1,6 +1,11 @@ -AUX libvncserver-0.9.12-cmake-libdir.patch 669 BLAKE2B 1906637be7180a884aa3daf8e6c670181a639a9646488830e3e84cf71ed927e656f51edd097145fac9c554d2f8af796300906ade5c3a5d910a49c4c486a8475f SHA512 e6833922d39ad13484a3ae96eb2ee5cda3ce52d41e0a0ea88281221f5378e7effa8f0a8eaac593e111e8e0b64de0f458d17df496fbdf124f2fbca2806f52012c +AUX libvncserver-0.9.12-CVE-2018-20750.patch 1865 BLAKE2B 351e515b4b2ccb22c8b6620763df04f57e5f32a98031e941aef4beff26f5fafb846bdf224d3b9cde49fd7a098ff5b7bf3040aaca3013e09aa19c2897d7bd9847 SHA512 439e309cc2d16a1aa5d37349e2af52c2637f68fce699882192dacf4e256a98351f7c95f7217bf6f6a54feb3a6b8e381ed7889218d86a00df45cd9dd4941bbb7f +AUX libvncserver-0.9.12-CVE-2019-15681.patch 881 BLAKE2B 27422045c50ae2c51a49f0b6616b5dd4e4cc33538ef86945e4ed8c4ca13893fffe0e36ac977efb20166c281bda3609ff9e9e4040bf45880b38343c88b00b475a SHA512 1043f40f7d7d4747df4d93ffbfdd102b447eb974e2d023fae64e833beb2e8e5370fc4243728db6403b5cf6c7bd65b2585b0ac8cfafabe24b2a9a4a498d9c2a46 +AUX libvncserver-0.9.12-cmake-libdir.patch 1272 BLAKE2B ee987d2cf311000de0e8d8ee3449b1f2705a3ec328eecd1b848ebe3fdc5f01e97b074acdab921a5f8e0608494efc0e96d3cfe574f3c5cce01d71f46c5f44fe4b SHA512 1867199b89fd7b1a9308fa10c3bf96ea088371833e34f339a115b23160dcfb668a026c7d4aa87f493288ad9e9e215642a04f902b7afb4225216e336f7d9816f3 +AUX libvncserver-0.9.12-fix-tight-raw-decoding.patch 1486 BLAKE2B 6baf50393a728e0af7dbdc2442c881992a22d2b206ba4381f52ac7607c1a92c3c15084fad81a3bcaa68d1c989306bdce0e64808adbf392c4b102531d9f1bbfc9 SHA512 258ffd60e33fcf8b60fe1d6843f14a0421fc4c309b2bec65bdb2c381718c92d850da9ebc8feae23aef610b72ac2c52afe9fe8048c6ecae6a4340e6a947e1ea5a AUX libvncserver-0.9.12-libgcrypt.patch 1526 BLAKE2B 83e042ff875844cced2cb1416477c9fa255f84e6cc40b9d1d5e7dfa3e2467effb3481155b5eeeb29835cf29c0a6aa0ed381862fc184e4070b149b3a1bfc84c9e SHA512 2b2aba010104b2206eab7bec1bc6a258edb28d43da2a376d03e063d9d5e7236d690388da8ccd501b22d3181b966d2b6ee1e6752153c1ff78ab498a59355fb385 +AUX libvncserver-0.9.12-pkgconfig-libdir.patch 1241 BLAKE2B 7ac16afc86204a320253c4b0b819e4c66c44c6112ac5a9bfbae13bd567391f137d1c4f786f43e5023663fcccb7d45aed628459301dd0859361a7b01f41a98d29 SHA512 37d15eb01f6c89d012c47fff885c2405ead2b7e18798b3fa68fb72bffff9caf084652e1d29fbb11263800c69e875d9442fdef660ea69b146361690820035f056 AUX libvncserver-0.9.12-sparc-unaligned.patch 1463 BLAKE2B 66ab54a68026de0c9ce5eb04333b24ae104bc24b2fcacf5c1aad2a7d019f94feef46b4588166d8063bd3e5c616b40092309306600328eb8e7597efba5e35952e SHA512 c2d26ca2a570de3fdbabef723cfe3cb6208aabe9d7222feb6f0128fba55370e0dff0b520ac84abdc6d1dc6c0762092d36dea21eccff68432cb1c6e5b1e3b79df DIST LibVNCServer-0.9.12.tar.gz 2237447 BLAKE2B 583500c0bcfb6e9e3a02a33fb2701113b164851f0906fcc4845de7c7d82d4f7f65f5edd6c9a672348ee1deeefc65c1b0a257da024254598ba86d121d424f027e SHA512 60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 EBUILD libvncserver-0.9.12-r2.ebuild 2097 BLAKE2B 1223ec5554bef0062c5fb20297bf8d07f0c43241cb35e6f51e1b71eb841c3bf392403f1acacd10330b37be829373c6587ad95dccbf6d2ffa192451f3dcf61085 SHA512 bec5d64d0f6400d2f9c434e832f4360e56fdfacfbb6efa2fba58eadbd0df71f5731083415cb6689fa1bab994698ad84a6483a6491b7c6171ef88b463f884235e +EBUILD libvncserver-0.9.12-r3.ebuild 2281 BLAKE2B 91fafd161a72b9d0124c5bc8b92a52312db21a7fa2104b5206eb3ac908ce3fb0f448efe615a9cb0dedd8b7b4cf8c928256fcefa696979836ae2c64b0aaf5727c SHA512 20b8fa68a6def2a2242dc52472716dab3b3002ef72d8e2218ad6d9cc5392b6ba6e56ea20783b091919074294f60f4e2c1834a45e76672f9e0c96cb4c5fb1b1b8 MISC metadata.xml 994 BLAKE2B 3c12097d08f89fadac86ad92efccccbb533c1ac018cf426aae4a45bbea33ae227dfaec320a7710eabff7da96d22229997dee72b2c84b1aedc575e21e0a5decff SHA512 0ca13849ab948490b862838bf3c2b87cb97ce1739369d23426e518197a786cf24fc79967c01072b710d37c298c792c45e61a55e558d692087800e834f93003e2 diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch new file mode 100644 index 000000000000..55f122d12584 --- /dev/null +++ b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2018-20750.patch @@ -0,0 +1,47 @@ +From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com> +Date: Mon, 7 Jan 2019 10:40:01 +0100 +Subject: [PATCH 01/51] Limit lenght to INT_MAX bytes in + rfbProcessFileTransferReadBuffer() + +This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap +out-of-bound write access in rfbProcessFileTransferReadBuffer() when +reading a transfered file content in a server. The former fix did not +work on platforms with a 32-bit int type (expected by rfbReadExact()). + +CVE-2018-15127 +<https://github.com/LibVNC/libvncserver/issues/243> +<https://github.com/LibVNC/libvncserver/issues/273> +--- + libvncserver/rfbserver.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 7af8490..f2edbee 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -88,6 +88,8 @@ + #include <errno.h> + /* strftime() */ + #include <time.h> ++/* INT_MAX */ ++#include <limits.h> + + #ifdef LIBVNCSERVER_WITH_WEBSOCKETS + #include "rfbssl.h" +@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length) + 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF + will safely be allocated since this check will never trigger and malloc() can digest length+1 + without problems as length is a uint32_t. ++ We also later pass length to rfbReadExact() that expects a signed int type and ++ that might wrap on platforms with a 32-bit int type if length is bigger ++ than 0X7FFFFFFF. + */ +- if(length == SIZE_MAX) { ++ if(length == SIZE_MAX || length > INT_MAX) { + rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length); + rfbCloseClient(cl); + return NULL; +-- +2.23.0 + diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch new file mode 100644 index 000000000000..301d1340d14c --- /dev/null +++ b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch @@ -0,0 +1,26 @@ +From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 +From: Christian Beier <dontmind@freeshell.org> +Date: Mon, 19 Aug 2019 22:32:25 +0200 +Subject: [PATCH 48/51] rfbserver: don't leak stack memory to the remote + +Thanks go to Pavel Cheremushkin of Kaspersky for reporting. +--- + libvncserver/rfbserver.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 3bacc89..310e548 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) + rfbServerCutTextMsg sct; + rfbClientIteratorPtr iterator; + ++ memset((char *)&sct, 0, sizeof(sct)); ++ + iterator = rfbGetClientIterator(rfbScreen); + while ((cl = rfbClientIteratorNext(iterator)) != NULL) { + sct.type = rfbServerCutText; +-- +2.23.0 + diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch index 35ee26dc7b04..cc6e4bdc9097 100644 --- a/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch +++ b/net-libs/libvncserver/files/libvncserver-0.9.12-cmake-libdir.patch @@ -1,6 +1,27 @@ ---- libvncserver-LibVNCServer-0.9.12/CMakeLists.txt -+++ libvncserver-LibVNCServer-0.9.12/CMakeLists.txt -@@ -666,8 +666,8 @@ +From 3348a7e42e86dfb98dd7458ad29def476cf6096f Mon Sep 17 00:00:00 2001 +From: Christian Beier <dontmind@freeshell.org> +Date: Sat, 9 Feb 2019 13:23:26 +0100 +Subject: [PATCH 02/51] CMake: replace hardcoded 'lib' with + ${CMAKE_INSTALL_LIBDIR} + +Closes #281 +--- + CMakeLists.txt | 7 ++++--- + 1 file changed, 4 insertions(+), 3 deletions(-) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 873cc7b..55f7e65 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -9,6 +9,7 @@ include(CheckTypeSize) + include(TestBigEndian) + include(CheckCSourceCompiles) + include(CheckCSourceRuns) ++include(GNUInstallDirs) + + enable_testing() + +@@ -666,8 +667,8 @@ get_link_libraries(PRIVATE_LIBS vncclient) configure_file(${CMAKE_CURRENT_SOURCE_DIR}/libvncclient.pc.cmakein ${CMAKE_CURRENT_BINARY_DIR}/libvncclient.pc @ONLY) @@ -11,7 +32,7 @@ install_files(/include/rfb FILES rfb/keysym.h rfb/rfb.h -@@ -677,7 +677,7 @@ +@@ -677,7 +678,7 @@ install_files(/include/rfb FILES rfb/rfbregion.h ) @@ -20,3 +41,6 @@ libvncserver.pc libvncclient.pc ) +-- +2.23.0 + diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch new file mode 100644 index 000000000000..e862d634346f --- /dev/null +++ b/net-libs/libvncserver/files/libvncserver-0.9.12-fix-tight-raw-decoding.patch @@ -0,0 +1,40 @@ +From 6b87d6154200667a66212f80068f7468eaa0f048 Mon Sep 17 00:00:00 2001 +From: DRC <information@virtualgl.org> +Date: Sat, 28 Sep 2019 14:54:30 -0500 +Subject: [PATCH 50/51] LibVNCClient: Fix regression in Tight/Raw decoding + +Introduced by d7b1462 in LibVNCServer 0.9.12. This regression caused +the pixels in some RFB rectangles to become corrupted/garbled when the +Tight encoding was used, without the JPEG subencoding, with a 15-bit or +16-bit color depth. + +Fixes #335 +Fixes https://gitlab.com/Remmina/Remmina/issues/1824 +--- + libvncclient/tight.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libvncclient/tight.c b/libvncclient/tight.c +index df01812..0586f47 100644 +--- a/libvncclient/tight.c ++++ b/libvncclient/tight.c +@@ -1,5 +1,5 @@ + /* +- * Copyright (C) 2017 D. R. Commander. All Rights Reserved. ++ * Copyright (C) 2017, 2019 D. R. Commander. All Rights Reserved. + * Copyright (C) 2004-2008 Sun Microsystems, Inc. All Rights Reserved. + * Copyright (C) 2004 Landmark Graphics Corporation. All Rights Reserved. + * Copyright (C) 2000, 2001 Const Kaplinsky. All Rights Reserved. +@@ -360,7 +360,8 @@ FilterCopyBPP (rfbClient* client, int srcx, int srcy, int numRows) + #endif + + for (y = 0; y < numRows; y++) +- memcpy (&dst[y*client->width], &client->buffer[y*client->rectWidth], ++ memcpy (&dst[y*client->width], ++ &client->buffer[y * client->rectWidth * (BPP / 8)], + client->rectWidth * (BPP / 8)); + } + +-- +2.23.0 + diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch new file mode 100644 index 000000000000..6a50ac892064 --- /dev/null +++ b/net-libs/libvncserver/files/libvncserver-0.9.12-pkgconfig-libdir.patch @@ -0,0 +1,41 @@ +From 36a71279ed5b10effecd879caf6c3791842ca713 Mon Sep 17 00:00:00 2001 +From: Christian Beier <dontmind@freeshell.org> +Date: Thu, 28 Mar 2019 21:06:36 +0100 +Subject: [PATCH 03/51] CMake: replace 'lib' with ${CMAKE_INSTALL_LIBDIR} for + pkgconfig files as well + +Thanks to https://github.com/ikelos for spotting this ;-) + +Closes #290 +--- + libvncclient.pc.cmakein | 2 +- + libvncserver.pc.cmakein | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein +index 169a8b7..445f7e7 100644 +--- a/libvncclient.pc.cmakein ++++ b/libvncclient.pc.cmakein +@@ -1,6 +1,6 @@ + prefix=@CMAKE_INSTALL_PREFIX@ + exec_prefix=@CMAKE_INSTALL_PREFIX@ +-libdir=@CMAKE_INSTALL_PREFIX@/lib ++libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ + includedir=@CMAKE_INSTALL_PREFIX@/include + + Name: LibVNCClient +diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein +index f38d74f..c689806 100644 +--- a/libvncserver.pc.cmakein ++++ b/libvncserver.pc.cmakein +@@ -1,6 +1,6 @@ + prefix=@CMAKE_INSTALL_PREFIX@ + exec_prefix=@CMAKE_INSTALL_PREFIX@ +-libdir=@CMAKE_INSTALL_PREFIX@/lib ++libdir=@CMAKE_INSTALL_PREFIX@/@CMAKE_INSTALL_LIBDIR@ + includedir=@CMAKE_INSTALL_PREFIX@/include + + Name: LibVNCServer +-- +2.23.0 + diff --git a/net-libs/libvncserver/libvncserver-0.9.12-r3.ebuild b/net-libs/libvncserver/libvncserver-0.9.12-r3.ebuild new file mode 100644 index 000000000000..e21ed47bcc3d --- /dev/null +++ b/net-libs/libvncserver/libvncserver-0.9.12-r3.ebuild @@ -0,0 +1,73 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit cmake-utils + +MY_P="LibVNCServer-${PV}" +DESCRIPTION="library for creating vnc servers" +HOMEPAGE="https://libvnc.github.io/" +SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz" + +# libvncserver/tightvnc-filetransfer/*: GPL-2, but we don't build it +# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88 +LICENSE="GPL-2+ LGPL-2.1+ BSD MIT" +# no sub slot wanted (yet), see #578958 +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-linux ~x86-linux" +IUSE="+24bpp gcrypt gnutls ipv6 +jpeg libressl lzo +png sasl ssl systemd +threads +zlib" +# https://bugs.gentoo.org/690202 +# https://bugs.gentoo.org/435326 +# https://bugs.gentoo.org/550916 +REQUIRED_USE="jpeg? ( zlib ) png? ( zlib ) ssl? ( !gnutls? ( threads ) )" + +DEPEND=" + gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= ) + ssl? ( + !gnutls? ( + !libressl? ( >=dev-libs/openssl-1.0.2:0= ) + libressl? ( >=dev-libs/libressl-2.7.0:0= ) + ) + gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= ) + ) + jpeg? ( >=virtual/jpeg-0-r2:0 ) + lzo? ( dev-libs/lzo ) + png? ( >=media-libs/libpng-1.6.10:0= ) + sasl? ( dev-libs/cyrus-sasl ) + systemd? ( sys-apps/systemd:= ) + zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )" +RDEPEND="${DEPEND}" + +S="${WORKDIR}/${PN}-${MY_P}" + +DOCS=( AUTHORS ChangeLog NEWS README.md TODO ) + +PATCHES=( + "${FILESDIR}"/${P}-cmake-libdir.patch + "${FILESDIR}"/${P}-pkgconfig-libdir.patch + "${FILESDIR}"/${P}-libgcrypt.patch + "${FILESDIR}"/${P}-sparc-unaligned.patch + "${FILESDIR}"/${P}-CVE-2018-20750.patch + "${FILESDIR}"/${P}-CVE-2019-15681.patch + "${FILESDIR}"/${P}-fix-tight-raw-decoding.patch +) + +src_configure() { + local mycmakeargs=( + -DWITH_ZLIB=$(usex zlib ON OFF) + -DWITH_LZO=$(usex lzo ON OFF) + -DWITH_JPEG=$(usex jpeg ON OFF) + -DWITH_PNG=$(usex png ON OFF) + -DWITH_THREADS=$(usex threads ON OFF) + -DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF) + -DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF)) + -DWITH_GCRYPT=$(usex gcrypt ON OFF) + -DWITH_SYSTEMD=$(usex systemd ON OFF) + -DWITH_FFMPEG=OFF + -DWITH_24BPP=$(usex 24bpp ON OFF) + -DWITH_IPv6=$(usex ipv6 ON OFF) + -DWITH_SASL=$(usex sasl ON OFF) + ) + cmake-utils_src_configure +} |