rdesktop: security bump to version 1.8.2

Long overdue, fixes CVE-2008-1801, CVE-2008-1802, CVE-2008-1803 and
CVE-2011-1595.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/rdesktop/rdesktop-01-8bit-colors.patch b/package/rdesktop/rdesktop-01-8bit-colors.patch
new file mode 100644 (file)
index 0000000..710f8de
--- /dev/null
+++ b/package/rdesktop/rdesktop-01-8bit-colors.patch
@@ -0,0 +1,21 @@
+diff -urpN rdesktop-1.5.0-orig/xwin.c rdesktop-1.5.0/xwin.c
+--- rdesktop-1.5.0-orig/xwin.c 2007-01-17 12:01:18.000000000 +0100
++++ rdesktop-1.5.0/xwin.c      2007-01-17 12:05:02.000000000 +0100
+@@ -1461,7 +1461,7 @@ select_visual(int screen_num)
+               }
+ 
+               /* we use a colourmap, so the default visual should do */
+-              g_owncolmap = True;
++//            g_owncolmap = True;
+               g_visual = vmatches[0].visual;
+               g_depth = vmatches[0].depth;
+       }
+@@ -1568,7 +1568,7 @@ ui_init(void)
+       {
+               g_xcolmap =
+                       XCreateColormap(g_display, RootWindowOfScreen(g_screen), g_visual,
+-                                      AllocNone);
++                                      (g_depth <= 8) ? AllocAll : AllocNone);
+               if (g_depth <= 8)
+                       warning("Display colour depth is %d bit: you may want to use -C for a private colourmap.\n", g_depth);
+       }

diff --git a/package/rdesktop/rdesktop-8bit-colors.patch b/package/rdesktop/rdesktop-8bit-colors.patch
deleted file mode 100644 (file)
index 710f8de..0000000
--- a/package/rdesktop/rdesktop-8bit-colors.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff -urpN rdesktop-1.5.0-orig/xwin.c rdesktop-1.5.0/xwin.c
---- rdesktop-1.5.0-orig/xwin.c 2007-01-17 12:01:18.000000000 +0100
-+++ rdesktop-1.5.0/xwin.c      2007-01-17 12:05:02.000000000 +0100
-@@ -1461,7 +1461,7 @@ select_visual(int screen_num)
-               }
- 
-               /* we use a colourmap, so the default visual should do */
--              g_owncolmap = True;
-+//            g_owncolmap = True;
-               g_visual = vmatches[0].visual;
-               g_depth = vmatches[0].depth;
-       }
-@@ -1568,7 +1568,7 @@ ui_init(void)
-       {
-               g_xcolmap =
-                       XCreateColormap(g_display, RootWindowOfScreen(g_screen), g_visual,
--                                      AllocNone);
-+                                      (g_depth <= 8) ? AllocAll : AllocNone);
-               if (g_depth <= 8)
-                       warning("Display colour depth is %d bit: you may want to use -C for a private colourmap.\n", g_depth);
-       }

diff --git a/package/rdesktop/rdesktop.mk b/package/rdesktop/rdesktop.mk
index 94e02829d4f7fe4104589c8c87e12b6df1a15b3c..6829709fc84074198b083f1d9ae35df86c3173cd 100644 (file)
--- a/package/rdesktop/rdesktop.mk
+++ b/package/rdesktop/rdesktop.mk
@@ -4,11 +4,20 @@
 #
 ################################################################################
 
-RDESKTOP_VERSION = 1.5.0
+RDESKTOP_VERSION = 1.8.2
 RDESKTOP_SITE = http://downloads.sourceforge.net/project/rdesktop/rdesktop/$(RDESKTOP_VERSION)
-RDESKTOP_DEPENDENCIES = openssl xlib_libX11 xlib_libXt
-RDESKTOP_CONF_OPT = --with-openssl=$(STAGING_DIR)/usr
-RDESKTOP_LICENSE = GPLv2+ with exceptions
+RDESKTOP_DEPENDENCIES = host-pkgconf openssl xlib_libX11 xlib_libXt \
+       $(if $(BR2_PACKAGE_ALSA_LIB_PCM),alsa-lib) \
+       $(if $(BR2_PACKAGE_LIBAO),libao) \
+       $(if $(BR2_PACKAGE_LIBSAMPLERATE),libsamplerate)
+RDESKTOP_CONF_OPT = --with-openssl=$(STAGING_DIR)/usr --disable-credssp
+RDESKTOP_LICENSE = GPLv3+
 RDESKTOP_LICENSE_FILES = COPYING
 
+ifeq ($(BR2_PACKAGE_PCSC_LITE),y)
+RDESKTOP_DEPENDENCIES += pcsc-lite
+else
+RDESKTOP_CONF_OPT += --disable-smartcard
+endif
+
 $(eval $(autotools-package))