gentoo resync : 14.12.2020

author: V3n3RiX <venerix@redcorelinux.org> 2020-12-14 13:26:14 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2020-12-14 13:26:14 +0000
commit: 6abbf81ef2f298e3221ff5e67a1f3c5f23958212 (patch)
tree: 25413d1cb3a0cbfe36029db32398c0f333609215 /x11-misc/x11vnc
parent: 9c417bacd51da6d8b57fa9f37425161d30d4b95b (diff)
3 files changed, 108 insertions, 0 deletions
diff --git a/x11-misc/x11vnc/Manifest b/x11-misc/x11vnc/Manifest
index c7a61861ba0f..b293d50f60a4 100644
--- a/x11-misc/x11vnc/Manifest
+++ b/x11-misc/x11vnc/Manifest
@@ -1,3 +1,4 @@
+AUX x11vnc-0.9.16-CVE-2020-29074.patch 774 BLAKE2B 5a8fcb123f1698e78f76eb1828f935ad1a228990975b5ef42bf1599b46b4d88b7fb90d7d986c3189c2ac8fea305a3040a10c94741068b1d4393ebb7030fc27e2 SHA512 c021115fef4290f41d8df3a1231066d4efd1ca46ad59f0892329f32876e1dec47c000136e5fcbf53c32d8216ee89043b5857c8a873f9cc34c3e4bc543e8b85c1
 AUX x11vnc-0.9.16-anonymous-ssl.patch 841 BLAKE2B d037f4f784fe12cedca33be6a638524785342d4da9c2cd73acf138b64978d8303ee45fe08cc7516dd7baeed596bf53647db82caf693022cceb2e0b43c94f5dab SHA512 8c56c76758eb117db590415debaa18eec441ef952dac607ab77182f414e0e5f76d4a1dd2e543e0542a0fd413a8ec5dc2661f1dbabb27a4d6b36eacb09327ce2c
 AUX x11vnc-0.9.16-crypto.patch 645 BLAKE2B a821861e4e4807e5e019c787d07791912083a3ae2d1e4c77eb3264adee65a68ea51c35fdfcd0d71b996f4af42ff8481c877f5f324180139857e5cfc7d0ac3db3 SHA512 6e9ec1eb5aba65999dda9048fb01e13c55cbbf6f3e226c23e20ee906891487a5c94efd09f54ac765ca1ed99290357403a0b2caa3a7226fc967b0e8ecf19360a6
 AUX x11vnc-0.9.16-fno-common.patch 1079 BLAKE2B eb1cbe8e959eeea0940b44d3804406d2b9a18261a279b05fa54dff1240674d51dc44ce4fff9ea64a6644e532c80499287bbb1025b06b47d3b2546eb76f32fbce SHA512 3acaa4e57921673aef14ce2e9931880bcbc8c3d73708124599b8ffc79be6c4fa43713184f01983f4f432e29137c3628902681aed275ca98c7a6f32cb10bc54ca
@@ -7,4 +8,5 @@ AUX x11vnc.init.d 1728 BLAKE2B 45680af6aad530a9b36f29adc61c1f90ad272bd7201c30f29
 DIST x11vnc-0.9.16.tar.gz 1708009 BLAKE2B a8789f95ef421a78a83703748e1d80fd45539dff24f80493fd75e357bc22378213915853f9d114248c172cd83977880e1e4e8a3f8df0771017e9988d83b7307d SHA512 69f65ee312f8dede6051b401304987502a213c6c28c7f41e855734f11de1fae14d5d493dc9c28b2e4b7c0be55f8dbd3b35dd2610aae910183772c3e626736fec
 EBUILD x11vnc-0.9.16-r2.ebuild 1942 BLAKE2B 72cb2940aefc086db989a74155fa48fe27a27593ba04c14af7b83a67fd2da64eb2c0354a1565ba9ddfa744b804869f5f3a102a54e87f949b9efa5ca1c01d6e63 SHA512 7d5b4399b806d4059bb5a0aff470671c8b4591febf562c003e57e7ca6c2bc429fa416ef09f6885cc9b764677c38e44041cbf5b4f911a723a98c5a13f5e795103
 EBUILD x11vnc-0.9.16-r3.ebuild 2014 BLAKE2B e85b366cab4ceb65ffc8c7b644b5814da9db6f8070c180526f66f917d291809ea9c4ddfefc921de89ef216cc03e6391df170e3435e3ddce858ebdba7432fc026 SHA512 d79f267e41843d1cf7c40814baddabea3729608d0d2dfc4f28543de459ff559b39a19221f60fcc808992c0cb0bae86126203700bcd8b181e9199bee5f8a5b2c9
+EBUILD x11vnc-0.9.16-r4.ebuild 2050 BLAKE2B 4e1b446da52ffb86258432cde295536d5f431ca80a411d5657dcffc64a975252aa12255fd61a15cf401ae948a27285ec76f11fe4b642ef3b01a6e30b53961c6b SHA512 2a0563c2c2d767c0dfe65fb5a3108dfc4cfd71f0ec8c628fa6c3c18b2cd09348302416e15d0a307a208a3eb4d7f40dec703464f5eb3e22c4798f378b9b79790f
 MISC metadata.xml 922 BLAKE2B 02740589fa0091f604e1fff99ace802d4b179a35afd2c40d4ae25d40d41af0425a6e16cdb5951b4968813478a5066c6a241d49beba811dc296f125ba2aaddd13 SHA512 b46e3d0b379cf9967ec878e57d0a21b677ca869921546224f6f663eca4da8f2d57a97d07dac9da90999454584f6ea1c80748adf12663ff03b286292603aef2c6
diff --git a/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
new file mode 100644
index 000000000000..12f65b94fb62
--- /dev/null
+++ b/x11-misc/x11vnc/files/x11vnc-0.9.16-CVE-2020-29074.patch
@@ -0,0 +1,25 @@
+From 69eeb9f7baa14ca03b16c9de821f9876def7a36a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Gu=C3=A9nal=20DAVALAN?= <guenal.davalan@uca.fr>
+Date: Wed, 18 Nov 2020 08:40:45 +0100
+Subject: [PATCH] scan: limit access to shared memory segments to current user
+
+---
+ src/scan.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/scan.c b/src/scan.c
+index 43e00d2..12994d5 100644
+--- a/src/scan.c
++++ b/src/scan.c
+@@ -320,7 +320,7 @@ static int shm_create(XShmSegmentInfo *shm, XImage **ximg_ptr, int w, int h,
+ 
+ #if HAVE_XSHM
+ 	shm->shmid = shmget(IPC_PRIVATE,
+-	    xim->bytes_per_line * xim->height, IPC_CREAT | 0777);
++	    xim->bytes_per_line * xim->height, IPC_CREAT | 0600);
+ 
+ 	if (shm->shmid == -1) {
+ 		rfbErr("shmget(%s) failed.\n", name);
+-- 
+2.26.2
+
diff --git a/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild b/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild
new file mode 100644
index 000000000000..077b2fc02915
--- /dev/null
+++ b/x11-misc/x11vnc/x11vnc-0.9.16-r4.ebuild
@@ -0,0 +1,81 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools
+
+DESCRIPTION="VNC server for real X displays"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/x11vnc/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="GPL-2+-with-openssl-exception"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~mips ppc ppc64 ~s390 sparc x86 ~amd64-linux ~x86-linux ~sparc-solaris ~x64-solaris ~x86-solaris"
+IUSE="crypt fbcon libressl ssl +xcomposite +xdamage +xfixes xinerama +xrandr zeroconf"
+
+COMMON_DEPEND="
+	>=net-libs/libvncserver-0.9.8[ssl=]
+	x11-libs/libX11
+	x11-libs/libXcursor
+	x11-libs/libXext
+	>=x11-libs/libXtst-1.1.0
+	ssl? (
+		!libressl? ( dev-libs/openssl:0= )
+		libressl? ( dev-libs/libressl:= )
+	)
+	xcomposite? ( x11-libs/libXcomposite )
+	xdamage? ( x11-libs/libXdamage )
+	xfixes? ( x11-libs/libXfixes )
+	xinerama? ( x11-libs/libXinerama )
+	xrandr? ( x11-libs/libXrandr )
+	zeroconf? ( >=net-dns/avahi-0.6.4 )
+"
+DEPEND="${COMMON_DEPEND}
+	x11-base/xorg-proto
+	x11-libs/libXt
+"
+# https://bugzilla.redhat.com/show_bug.cgi?id=920554
+RDEPEND="${COMMON_DEPEND}
+	dev-lang/tk:0
+"
+
+PATCHES=(
+	"${FILESDIR}"/${P}-crypto.patch # https://github.com/LibVNC/x11vnc/issues/86
+	"${FILESDIR}"/${P}-anonymous-ssl.patch # https://github.com/LibVNC/x11vnc/pull/85
+	"${FILESDIR}"/${P}-libressl.patch
+	"${FILESDIR}"/${P}-fno-common.patch
+	"${FILESDIR}"/${P}-CVE-2020-29074.patch
+)
+
+src_prepare() {
+	default
+	eautoreconf
+}
+
+src_configure() {
+	# --without-v4l because of missing video4linux 2.x support wrt #389079
+	local myconf=(
+		--without-v4l
+		--without-xkeyboard
+		--without-fbpm
+		--without-dpms
+		$(use_with crypt)
+		$(use_with fbcon fbdev)
+		$(use_with ssl)
+		$(use_with ssl crypto)
+		$(use_with xcomposite)
+		$(use_with xdamage)
+		$(use_with xfixes)
+		$(use_with xinerama)
+		$(use_with xrandr)
+		$(use_with zeroconf avahi)
+	)
+	econf "${myconf[@]}"
+}
+
+src_install() {
+	default
+	newinitd "${FILESDIR}/x11vnc.init.d" x11vnc
+	newconfd "${FILESDIR}/x11vnc.conf.d" x11vnc
+}
author	V3n3RiX <venerix@redcorelinux.org>	2020-12-14 13:26:14 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2020-12-14 13:26:14 +0000
commit	6abbf81ef2f298e3221ff5e67a1f3c5f23958212 (patch)
tree	25413d1cb3a0cbfe36029db32398c0f333609215 /x11-misc/x11vnc
parent	9c417bacd51da6d8b57fa9f37425161d30d4b95b (diff)