projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6018b55) | patch
libvncserver: add security patches
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Tue, 30 Sep 2014 23:12:54 +0000 (20:12 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 1 Oct 2014 12:01:36 +0000 (14:01 +0200)
commit4afb8cbad71024249a3b3d17bb542df6c3a28387
tree75c6418c7dc3ca7debf5652ff47626bf5abd2e00tree
parent6018b55185ac66de3160f7e74fc628956605e93bcommit | diff
libvncserver: add security patches

Fixes:
CVE-2014-6051 and
CVE-2014-6052 denial of service and possible code execution via
integer overflow and lack of malloc error handling in
MallocFrameBuffer()
CVE-2014-6053 denial of service via large ClientCutText message.
CVE-2014-6054 denial of service via zero scaling factor.
CVE-2014-6055 denial of service and possible code execution via
stack overflows in File Transfer feature.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libvncserver/libvncserver-0001-CVE-2014-6051-6052.patch [new file with mode: 0644] blob
package/libvncserver/libvncserver-0002-CVE-2014-6053.patch [new file with mode: 0644] blob
package/libvncserver/libvncserver-0003-CVE-2014-6054.patch [new file with mode: 0644] blob
package/libvncserver/libvncserver-0004-CVE-2014-6055.patch [new file with mode: 0644] blob