diff options
Diffstat (limited to 'community/libvncserver')
-rw-r--r-- | community/libvncserver/APKBUILD | 76 | ||||
-rw-r--r-- | community/libvncserver/CVE-2019-15681.patch | 23 |
2 files changed, 99 insertions, 0 deletions
diff --git a/community/libvncserver/APKBUILD b/community/libvncserver/APKBUILD new file mode 100644 index 00000000000..c7af68c5ac0 --- /dev/null +++ b/community/libvncserver/APKBUILD @@ -0,0 +1,76 @@ +# Contributor: Sergei Lukin <sergej.lukin@gmail.com> +# Maintainer: Natanael Copa <ncopa@alpinelinux.org> +pkgname=libvncserver +pkgver=0.9.12 +pkgrel=2 +pkgdesc="Library to make writing a vnc server easy" +url="http://libvncserver.sourceforge.net/" +arch="all" +license="GPL-2.0-or-later" +depends_dev=" + libgcrypt-dev + libjpeg-turbo-dev + libpng-dev + libice-dev + libx11-dev + libxdamage-dev + libxext-dev + libxfixes-dev + libxi-dev + libxinerama-dev + libxrandr-dev + libxtst-dev + openssl-dev + lzo-dev + " +makedepends="$depends_dev cmake" +subpackages="$pkgname-dev" +source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz + CVE-2019-15681.patch + " + +# secfixes: +# 0.9.12-r1: +# - CVE-2019-15681 +# 0.9.11-r2: +# - CVE-2018-7225 +# 0.9.11-r0: +# - CVE-2016-9941 +# - CVE-2016-9942 + +builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver + +build() { + mkdir build + cd build + cmake \ + -DCMAKE_BUILD_TYPE=None \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DBUILD_SHARED_LIBS=ON \ + -DWITH_ZLIB=ON \ + -DWITH_LZO=ON \ + -DWITH_JPEG=ON \ + -DWITH_PNG=ON \ + -DWITH_SDL=ON \ + -DWITH_THREADS=ON \ + -DWITH_GNUTLS=ON \ + -DWITH_OPENSSL=ON \ + -DWITH_SYSTEMD=OFF \ + -DWITH_GCRYPT=ON \ + -DWITH_FFMPEG=ON \ + -DWITH_WEBSOCKETS=ON \ + -DWITH_SASL=ON \ + .. + make +} + +check() { + make -C build test +} + +package() { + make -C build install DESTDIR="$pkgdir" +} + +sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 LibVNCServer-0.9.12.tar.gz +5ecb5a26813f3f07440ef6c54eebaca4e9b4f7c1cf2ba13375e3b23b950a9b818d068d4eef5532d7ea4d7ae084c4356af7257c45426101ff51afe2b7da338a1f CVE-2019-15681.patch" diff --git a/community/libvncserver/CVE-2019-15681.patch b/community/libvncserver/CVE-2019-15681.patch new file mode 100644 index 00000000000..e328d87920d --- /dev/null +++ b/community/libvncserver/CVE-2019-15681.patch @@ -0,0 +1,23 @@ +From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 +From: Christian Beier <dontmind@freeshell.org> +Date: Mon, 19 Aug 2019 22:32:25 +0200 +Subject: [PATCH] rfbserver: don't leak stack memory to the remote + +Thanks go to Pavel Cheremushkin of Kaspersky for reporting. +--- + libvncserver/rfbserver.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c +index 3bacc891..310e5487 100644 +--- a/libvncserver/rfbserver.c ++++ b/libvncserver/rfbserver.c +@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) + rfbServerCutTextMsg sct; + rfbClientIteratorPtr iterator; + ++ memset((char *)&sct, 0, sizeof(sct)); ++ + iterator = rfbGetClientIterator(rfbScreen); + while ((cl = rfbClientIteratorNext(iterator)) != NULL) { + sct.type = rfbServerCutText; |