aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-11-01 20:35:27 -0300
committerKevin Daudt <kdaudt@alpinelinux.org>2019-11-03 22:06:38 +0000
commit0b572578bebcf302d72e52216fdfff53165f6e2d (patch)
treed9bf58a27fee7b2af6b5daac43ee443bfa88e686
parent7ffb9c86bb3d9779b75b0813bcecfce0e5b7eabe (diff)
downloadaports-0b572578bebcf302d72e52216fdfff53165f6e2d.tar.gz
aports-0b572578bebcf302d72e52216fdfff53165f6e2d.tar.bz2
aports-0b572578bebcf302d72e52216fdfff53165f6e2d.tar.xz
main/libvncserver: fix CVE-2019-15681
ref #10924 Closes !1009
-rw-r--r--main/libvncserver/APKBUILD11
-rw-r--r--main/libvncserver/CVE-2019-15681.patch23
2 files changed, 31 insertions, 3 deletions
diff --git a/main/libvncserver/APKBUILD b/main/libvncserver/APKBUILD
index e40dcc8ded..9800f2989c 100644
--- a/main/libvncserver/APKBUILD
+++ b/main/libvncserver/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libvncserver
pkgver=0.9.12
-pkgrel=0
+pkgrel=1
pkgdesc="Library to make writing a vnc server easy"
url="http://libvncserver.sourceforge.net/"
arch="all"
@@ -25,9 +25,13 @@ depends_dev="
"
makedepends="$depends_dev cmake"
subpackages="$pkgname-dev"
-source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz"
+source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz
+ CVE-2019-15681.patch
+ "
# secfixes:
+# 0.9.12-r1:
+# - CVE-2019-15681
# 0.9.11-r2:
# - CVE-2018-7225
# 0.9.11-r0:
@@ -71,4 +75,5 @@ package() {
make -C build install DESTDIR="$pkgdir"
}
-sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 LibVNCServer-0.9.12.tar.gz"
+sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 LibVNCServer-0.9.12.tar.gz
+5ecb5a26813f3f07440ef6c54eebaca4e9b4f7c1cf2ba13375e3b23b950a9b818d068d4eef5532d7ea4d7ae084c4356af7257c45426101ff51afe2b7da338a1f CVE-2019-15681.patch"
diff --git a/main/libvncserver/CVE-2019-15681.patch b/main/libvncserver/CVE-2019-15681.patch
new file mode 100644
index 0000000000..e328d87920
--- /dev/null
+++ b/main/libvncserver/CVE-2019-15681.patch
@@ -0,0 +1,23 @@
+From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Mon, 19 Aug 2019 22:32:25 +0200
+Subject: [PATCH] rfbserver: don't leak stack memory to the remote
+
+Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
+---
+ libvncserver/rfbserver.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
+index 3bacc891..310e5487 100644
+--- a/libvncserver/rfbserver.c
++++ b/libvncserver/rfbserver.c
+@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
+ rfbServerCutTextMsg sct;
+ rfbClientIteratorPtr iterator;
+
++ memset((char *)&sct, 0, sizeof(sct));
++
+ iterator = rfbGetClientIterator(rfbScreen);
+ while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
+ sct.type = rfbServerCutText;