3 files changed, 105 insertions, 0 deletions
diff --git a/net-libs/libvncserver/Manifest b/net-libs/libvncserver/Manifest
index 6d9b92507ef9..d43b60a29318 100644
--- a/net-libs/libvncserver/Manifest
+++ b/net-libs/libvncserver/Manifest
@@ -1,5 +1,7 @@
+AUX libvncserver-0.9.13-CVE-2020-29260.patch 822 BLAKE2B 04a21cb1834fbc1917a9b7b4d9d3623b4a0a22f4f2b6b4119caa3c16718f0aee708bbf4a6dfc36002ab7fc3004533a55ce321f4e0136fbbc0311a5c4c117bcc2 SHA512 927d929a69444749c350ec7277d29a621d09cdf180e978ae19942f157aff6e391a2c80f0d0b3c65f901a65c6f5ceb2a0b433254748a88098462f880dd2f8b5ee
 AUX libvncserver-0.9.13-test-fix-includetest.patch 1626 BLAKE2B 1a2bab37cc2716a0c3912a2d1b76329c81bc8c3c6b9a881a0813ab035e05a06683a908cb0ca55af94d8682ef6e0153c25d93dd09381ef1079c93808a0f7d529c SHA512 7cb35e32245152e0fdc10fd6ca80221bfe1d5a75ed9407e9d69a3082bba24cbf8868db5dc36390943e09f0beeb3a366f994ecde62c6f9d7e7688ba749249bf3d
 AUX libvncserver-0.9.13-test-fix-tjunittest.patch 989 BLAKE2B 2ebe6a5bf1f04bdb188ed9a3ca965a697e995268f2e65fb7de37da663cef91672111ba0eaa1d25c4309e3f600240042e773d342996168b8b9f2dac808004b140 SHA512 6ccee0741778ae7d504acf250bffdc2231556dbc1357fd08bf54fd769e73159c3c27714c512775266f0e1cdd145a61e029645a6676b198dbc8aa6bf7ad0ca04d
 DIST LibVNCServer-0.9.13.tar.gz 567491 BLAKE2B 138c7ca63f8cd30a21dc1b58aafa744e12a1a9eca503ffec18a63d18791d7a5df4eef176d7e4e797a2aadda1dd04d1b051abfd76bf5c6806d558c09ffee78cce SHA512 18b0a1698d32bbdbfe6f65f76130b2a95860e3cc76e8adb904269663698c7c0ae982f451fda1f25e5461f096045d40a89d9014258f439366d5b4feaa4999d643
+EBUILD libvncserver-0.9.13-r1.ebuild 2133 BLAKE2B 0748a9687740a8da6ee83b09e85165b11294ed5b2441a20e262c26919a79246a670bcfdb83ec69f5ea08982dfe7b58db0a1a7067797f8d8f384c04449e2382cb SHA512 fb16286c4490e8c903eabbbe45211caae16b645783240dd69069d03a6d5cd3f3b538668c8a752681e40646b356226292043736ebfea0d6d57a22ce45d95d6437
 EBUILD libvncserver-0.9.13.ebuild 2080 BLAKE2B ece08bc97161240f55bfc76bb3709c5bcf4f9e0be117c3565f5ca4e33a9699b7067ff6d13ec66c06fad3ce2f7df847bfd29c1f7be216b6ddde684d6034c6687c SHA512 1734f760558d2e438dd37d821b50b255a8fe6d9ea8e345e41a665868ec7c08a5e3feb9d1025aad5abacb4642ffbb64466949427bef409f9bdf3fe80b3fc54b59
 MISC metadata.xml 1078 BLAKE2B c1977b60d1c6943a3b6636c24e29d2b029dbb088c59defb8f4cd820aac317b6a207ffd3669e3da567270161392425b8a30be4bd544d91e6262f258449b71261c SHA512 d774527b02965a951ae5eba13a4865ee874aa0c969c32a4bc3643313ffefeb933700901dbeca6511048140d311b380e7e2035adfea4542b455b608d25eb47efe
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
new file mode 100644
index 000000000000..23ffed8c1774
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
@@ -0,0 +1,27 @@
+From bef41f6ec4097a8ee094f90a1b34a708fbd757ec Mon Sep 17 00:00:00 2001
+From: Christian Beier <info@christianbeier.net>
+Date: Sat, 21 Nov 2020 12:52:31 +0100
+Subject: [PATCH] libvncclient: free vncRec memory in rfbClientCleanup()
+
+Otherwise we leak memory. Spotted by Ramin Farajpour Cami
+<ramin.blackhat@gmail.com>, thanks!
+---
+ libvncclient/vncviewer.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c
+index d6b91f02..0a1bdcf6 100644
+--- a/libvncclient/vncviewer.c
++++ b/libvncclient/vncviewer.c
+@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client) {
+     client->clientData = next;
+   }
+ 
++  free(client->vncRec);
++
+   if (client->sock != RFB_INVALID_SOCKET)
+     rfbCloseSocket(client->sock);
+   if (client->listenSock != RFB_INVALID_SOCKET)
+-- 
+2.35.1
+
diff --git a/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
new file mode 100644
index 000000000000..2a9d65199e87
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+MY_P="LibVNCServer-${PV}"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_P}"
+
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2 GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp +filetransfer gcrypt gnutls ipv6 +jpeg lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="
+	filetransfer? ( threads )
+	jpeg? ( zlib )
+	png? ( zlib )
+	ssl? ( !gnutls? ( threads ) )
+"
+
+DEPEND="
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+	ssl? (
+		!gnutls? (
+			>=dev-libs/openssl-1.0.2:0=
+		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+	)
+	jpeg? ( media-libs/libjpeg-turbo:= )
+	lzo? ( dev-libs/lzo )
+	png? ( >=media-libs/libpng-1.6.10:0= )
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )
+"
+RDEPEND="${DEPEND}"
+
+DOCS=( AUTHORS ChangeLog NEWS.md README.md TODO.md )
+
+PATCHES=(
+	"${FILESDIR}"/${P}-test-fix-includetest.patch
+	"${FILESDIR}"/${P}-test-fix-tjunittest.patch
+	"${FILESDIR}"/${P}-CVE-2020-29260.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWITH_FFMPEG=OFF
+		-DWITH_GTK=OFF
+		-DWITH_SDL=OFF
+		-DWITH_24BPP=$(usex 24bpp ON OFF)
+		-DWITH_TIGHTVNC_FILETRANSFER=$(usex filetransfer ON OFF)
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+		-DWITH_IPv6=$(usex ipv6 ON OFF)
+		-DWITH_JPEG=$(usex jpeg ON OFF)
+		-DWITH_LZO=$(usex lzo ON OFF)
+		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+		-DWITH_PNG=$(usex png ON OFF)
+		-DWITH_SASL=$(usex sasl ON OFF)
+		-DWITH_SYSTEMD=$(usex systemd ON OFF)
+		-DWITH_THREADS=$(usex threads ON OFF)
+		-DWITH_ZLIB=$(usex zlib ON OFF)
+	)
+	cmake_src_configure
+}