aboutsummaryrefslogtreecommitdiffstats
path: root/community/libvncserver
diff options
context:
space:
mode:
Diffstat (limited to 'community/libvncserver')
-rw-r--r--community/libvncserver/APKBUILD76
-rw-r--r--community/libvncserver/CVE-2019-15681.patch23
2 files changed, 99 insertions, 0 deletions
diff --git a/community/libvncserver/APKBUILD b/community/libvncserver/APKBUILD
new file mode 100644
index 00000000000..c7af68c5ac0
--- /dev/null
+++ b/community/libvncserver/APKBUILD
@@ -0,0 +1,76 @@
+# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
+# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
+pkgname=libvncserver
+pkgver=0.9.12
+pkgrel=2
+pkgdesc="Library to make writing a vnc server easy"
+url="http://libvncserver.sourceforge.net/"
+arch="all"
+license="GPL-2.0-or-later"
+depends_dev="
+ libgcrypt-dev
+ libjpeg-turbo-dev
+ libpng-dev
+ libice-dev
+ libx11-dev
+ libxdamage-dev
+ libxext-dev
+ libxfixes-dev
+ libxi-dev
+ libxinerama-dev
+ libxrandr-dev
+ libxtst-dev
+ openssl-dev
+ lzo-dev
+ "
+makedepends="$depends_dev cmake"
+subpackages="$pkgname-dev"
+source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz
+ CVE-2019-15681.patch
+ "
+
+# secfixes:
+# 0.9.12-r1:
+# - CVE-2019-15681
+# 0.9.11-r2:
+# - CVE-2018-7225
+# 0.9.11-r0:
+# - CVE-2016-9941
+# - CVE-2016-9942
+
+builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver
+
+build() {
+ mkdir build
+ cd build
+ cmake \
+ -DCMAKE_BUILD_TYPE=None \
+ -DCMAKE_INSTALL_PREFIX=/usr \
+ -DBUILD_SHARED_LIBS=ON \
+ -DWITH_ZLIB=ON \
+ -DWITH_LZO=ON \
+ -DWITH_JPEG=ON \
+ -DWITH_PNG=ON \
+ -DWITH_SDL=ON \
+ -DWITH_THREADS=ON \
+ -DWITH_GNUTLS=ON \
+ -DWITH_OPENSSL=ON \
+ -DWITH_SYSTEMD=OFF \
+ -DWITH_GCRYPT=ON \
+ -DWITH_FFMPEG=ON \
+ -DWITH_WEBSOCKETS=ON \
+ -DWITH_SASL=ON \
+ ..
+ make
+}
+
+check() {
+ make -C build test
+}
+
+package() {
+ make -C build install DESTDIR="$pkgdir"
+}
+
+sha512sums="60ff1cc93a937d6f8f97449bc58b763095846207112f7b1b3c43eb2d74448b595d6da949903a764bd484ee54e38ff6277e882adbe965dd6d26ba15ef6ff6fcb8 LibVNCServer-0.9.12.tar.gz
+5ecb5a26813f3f07440ef6c54eebaca4e9b4f7c1cf2ba13375e3b23b950a9b818d068d4eef5532d7ea4d7ae084c4356af7257c45426101ff51afe2b7da338a1f CVE-2019-15681.patch"
diff --git a/community/libvncserver/CVE-2019-15681.patch b/community/libvncserver/CVE-2019-15681.patch
new file mode 100644
index 00000000000..e328d87920d
--- /dev/null
+++ b/community/libvncserver/CVE-2019-15681.patch
@@ -0,0 +1,23 @@
+From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
+From: Christian Beier <dontmind@freeshell.org>
+Date: Mon, 19 Aug 2019 22:32:25 +0200
+Subject: [PATCH] rfbserver: don't leak stack memory to the remote
+
+Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
+---
+ libvncserver/rfbserver.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
+index 3bacc891..310e5487 100644
+--- a/libvncserver/rfbserver.c
++++ b/libvncserver/rfbserver.c
+@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
+ rfbServerCutTextMsg sct;
+ rfbClientIteratorPtr iterator;
+
++ memset((char *)&sct, 0, sizeof(sct));
++
+ iterator = rfbGetClientIterator(rfbScreen);
+ while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
+ sct.type = rfbServerCutText;
generated by cgit v1.2.3 (git 2.41.0) at 2024-04-20 00:50:06 +0000