[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
05/12: gnu: libvnc: Update to 0.9.13.
From: |
guix-commits |
Subject: |
05/12: gnu: libvnc: Update to 0.9.13. |
Date: |
Tue, 21 Jul 2020 17:57:06 -0400 (EDT) |
mbakke pushed a commit to branch master
in repository guix.
commit 2195ad6bd7df591c1f24b5717203b363bc3e1bfd
Author: Marius Bakke <marius@gnu.org>
AuthorDate: Tue Jul 21 22:18:50 2020 +0200
gnu: libvnc: Update to 0.9.13.
* gnu/packages/patches/libvnc-CVE-2018-20750.patch,
gnu/packages/patches/libvnc-CVE-2019-15681.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Adjust accordingly.
* gnu/packages/vnc.scm (libvnc): Update to 0.9.13.
[source](patches): Remove.
[arguments]: Add phase to patch 'cc' invocation.
---
gnu/local.mk | 2 --
gnu/packages/patches/libvnc-CVE-2018-20750.patch | 44 ------------------------
gnu/packages/patches/libvnc-CVE-2019-15681.patch | 23 -------------
gnu/packages/vnc.scm | 15 +++++---
4 files changed, 11 insertions(+), 73 deletions(-)
diff --git a/gnu/local.mk b/gnu/local.mk
index 8ba36ac..570e6a3 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1241,8 +1241,6 @@ dist_patch_DATA =
\
%D%/packages/patches/libutils-add-includes.patch \
%D%/packages/patches/libutils-remove-damaging-includes.patch \
%D%/packages/patches/libvdpau-va-gl-unbundle.patch \
- %D%/packages/patches/libvnc-CVE-2018-20750.patch \
- %D%/packages/patches/libvnc-CVE-2019-15681.patch \
%D%/packages/patches/libvpx-CVE-2016-2818.patch \
%D%/packages/patches/libxslt-generated-ids.patch \
%D%/packages/patches/libxt-guix-search-paths.patch \
diff --git a/gnu/packages/patches/libvnc-CVE-2018-20750.patch
b/gnu/packages/patches/libvnc-CVE-2018-20750.patch
deleted file mode 100644
index 1462436..0000000
--- a/gnu/packages/patches/libvnc-CVE-2018-20750.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Mon, 7 Jan 2019 10:40:01 +0100
-Subject: [PATCH] Limit lenght to INT_MAX bytes in
- rfbProcessFileTransferReadBuffer()
-
-This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap
-out-of-bound write access in rfbProcessFileTransferReadBuffer() when
-reading a transfered file content in a server. The former fix did not
-work on platforms with a 32-bit int type (expected by rfbReadExact()).
-
-CVE-2018-15127
-<https://github.com/LibVNC/libvncserver/issues/243>
-<https://github.com/LibVNC/libvncserver/issues/273>
----
- libvncserver/rfbserver.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 7af84906..f2edbeea 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -88,6 +88,8 @@
- #include <errno.h>
- /* strftime() */
- #include <time.h>
-+/* INT_MAX */
-+#include <limits.h>
-
- #ifdef LIBVNCSERVER_WITH_WEBSOCKETS
- #include "rfbssl.h"
-@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl,
uint32_t length)
- 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a
length of 0XFFFFFFFF
- will safely be allocated since this check will never trigger and
malloc() can digest length+1
- without problems as length is a uint32_t.
-+ We also later pass length to rfbReadExact() that expects a signed int
type and
-+ that might wrap on platforms with a 32-bit int type if length is bigger
-+ than 0X7FFFFFFF.
- */
-- if(length == SIZE_MAX) {
-+ if(length == SIZE_MAX || length > INT_MAX) {
- rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length
requested: %u", (unsigned int)length);
- rfbCloseClient(cl);
- return NULL;
diff --git a/gnu/packages/patches/libvnc-CVE-2019-15681.patch
b/gnu/packages/patches/libvnc-CVE-2019-15681.patch
deleted file mode 100644
index e328d87..0000000
--- a/gnu/packages/patches/libvnc-CVE-2019-15681.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Mon, 19 Aug 2019 22:32:25 +0200
-Subject: [PATCH] rfbserver: don't leak stack memory to the remote
-
-Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
----
- libvncserver/rfbserver.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 3bacc891..310e5487 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char
*str, int len)
- rfbServerCutTextMsg sct;
- rfbClientIteratorPtr iterator;
-
-+ memset((char *)&sct, 0, sizeof(sct));
-+
- iterator = rfbGetClientIterator(rfbScreen);
- while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
- sct.type = rfbServerCutText;
diff --git a/gnu/packages/vnc.scm b/gnu/packages/vnc.scm
index a084b30..ab89bad 100644
--- a/gnu/packages/vnc.scm
+++ b/gnu/packages/vnc.scm
@@ -2,6 +2,7 @@
;;; Copyright © 2019 Todor Kondić <tk.code@protonmail.com>
;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
;;; Copyright © 2020 Hartmut Goebel <h.goebel@crazy-compilers.com>
+;;; Copyright © 2020 Marius Bakke <marius@gnu.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -233,7 +234,7 @@ where the server is installed.")))
(define-public libvnc
(package
(name "libvnc")
- (version "0.9.12")
+ (version "0.9.13")
(source
(origin
(method git-fetch)
@@ -242,10 +243,16 @@ where the server is installed.")))
(commit (string-append "LibVNCServer-" version))))
(file-name (git-file-name name version))
(sha256
- (base32 "1226hb179l914919f5nm2mlf8rhaarqbf48aa649p4rwmghyx9vm"))
- (patches (search-patches "libvnc-CVE-2018-20750.patch"
- "libvnc-CVE-2019-15681.patch"))))
+ (base32 "0zz0hslw8b1p3crnfy3xnmrljik359h83dpk64s697dqdcrzy141"))))
(build-system cmake-build-system)
+ (arguments
+ '(#:phases (modify-phases %standard-phases
+ (add-after 'unpack 'patch-cc-reference
+ (lambda _
+ (substitute* "test/includetest.sh"
+ (("^cc -I")
+ "gcc -I"))
+ #t)))))
(native-inputs
`(("pkg-config" ,pkg-config)))
(inputs
- branch master updated (d2e0b16 -> 20cc8f9), guix-commits, 2020/07/21
- 01/12: gnu: bubblewrap: Build with Python 3., guix-commits, 2020/07/21
- 02/12: gnu: xorg-server: Update to 1.20.8., guix-commits, 2020/07/21
- 04/12: services: ganeti: Fix erroneous gexp., guix-commits, 2020/07/21
- 05/12: gnu: libvnc: Update to 0.9.13.,
guix-commits <=
- 03/12: gnu: OpenSC: Update to 0.20.0 [security fixes]., guix-commits, 2020/07/21
- 08/12: gnu: Add intel-xed., guix-commits, 2020/07/21
- 06/12: gnu: twm: Update to 1.0.11., guix-commits, 2020/07/21
- 07/12: gnu: nsd: Update to 4.3.1., guix-commits, 2020/07/21
- 09/12: gnu: Add remid-lv2., guix-commits, 2020/07/21
- 11/12: gnu: git-annex: Update to 8.20200720.1., guix-commits, 2020/07/21
- 12/12: gnu: patchelf: Update to 0.11., guix-commits, 2020/07/21
- 10/12: gnu: Add chaiscript., guix-commits, 2020/07/21