projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7f115d2) | patch
package/x11vnc: fix CVE-2020-29074
authorFabrice Fontaine <fontaine.fabrice@gmail.com>
Thu, 3 Dec 2020 20:10:13 +0000 (21:10 +0100)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sat, 5 Dec 2020 20:32:16 +0000 (21:32 +0100)
commit3b6a105af87662f2ecca3fe4717fea11e267b0c8
tree37917b388c1c8e0835c0105793f05f8a3c9992e8tree
parent7f115d2de4276972098b8f4cfeb0150c8e851d89commit | diff
package/x11vnc: fix CVE-2020-29074

scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which
allows access by actors other than the current user.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/x11vnc/0002-scan-limit-access-to-shared-memory-segments-to-current-user.patch [new file with mode: 0644] blob
package/x11vnc/x11vnc.mk diff | blob | history