+++ /dev/null
-From 868f0a9fa60bb45ee6cf762f323c5b3964b2ee69 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Sun, 23 Jun 2019 10:18:59 +0200
-Subject: [PATCH] CMakeLists.txt: fix build without C++
-
-Specify that libvncserver is a C project file otherwise build will fail
-if no C++ compiler is found by cmake
-
-Fixes:
- - http://autobuild.buildroot.org/results/16aaa4e86a2dbf1acf95f10d5131b0f7b8a3d61a
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: https://github.com/LibVNC/libvncserver/pull/317]
----
- CMakeLists.txt | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 0d3b4dc..ad609ae 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -1,7 +1,7 @@
- cmake_minimum_required(VERSION 3.4)
- cmake_policy(SET CMP0037 NEW)
-
--project(LibVNCServer)
-+project(LibVNCServer C)
- include(CheckFunctionExists)
- include(CheckSymbolExists)
- include(CheckIncludeFile)
---
-2.20.1
-
+++ /dev/null
-From 5abd95b65fe5ec24749164338a9718ecce19e240 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Fri, 28 Feb 2020 10:29:58 +0100
-Subject: [PATCH] libvnc{client,server}.pc.cmakein: remove zlib
-
-Remove zlib from Requires.private as libvnc can be built without zlib
-thanks to WITH_LIB, zlib will be added to Libs.private thanks to
-PRIVATE_LIBS
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: https://github.com/LibVNC/libvncserver/pull/377]
----
- libvncclient.pc.cmakein | 2 +-
- libvncserver.pc.cmakein | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/libvncclient.pc.cmakein b/libvncclient.pc.cmakein
-index 336e73f..ceeda39 100644
---- a/libvncclient.pc.cmakein
-+++ b/libvncclient.pc.cmakein
-@@ -7,7 +7,7 @@ Name: LibVNCClient
- Description: A library for easy implementation of a VNC client.
- Version: @LibVNCServer_VERSION@
- Requires:
--Requires.private: zlib
-+Requires.private:
- Libs: -L${libdir} -lvncclient
- Libs.private: @PRIVATE_LIBS@
- Cflags: -I${includedir}
-diff --git a/libvncserver.pc.cmakein b/libvncserver.pc.cmakein
-index dfcec9d..33ec668 100644
---- a/libvncserver.pc.cmakein
-+++ b/libvncserver.pc.cmakein
-@@ -7,7 +7,7 @@ Name: LibVNCServer
- Description: A library for easy implementation of a VNC server.
- Version: @LibVNCServer_VERSION@
- Requires:
--Requires.private: zlib
-+Requires.private:
- Libs: -L${libdir} -lvncserver
- Libs.private: @PRIVATE_LIBS@
- Cflags: -I${includedir}
---
-2.25.0
-
+++ /dev/null
-From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= <ppisar@redhat.com>
-Date: Mon, 7 Jan 2019 10:40:01 +0100
-Subject: [PATCH] Limit lenght to INT_MAX bytes in
- rfbProcessFileTransferReadBuffer()
-
-This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap
-out-of-bound write access in rfbProcessFileTransferReadBuffer() when
-reading a transfered file content in a server. The former fix did not
-work on platforms with a 32-bit int type (expected by rfbReadExact()).
-
-CVE-2018-15127
-<https://github.com/LibVNC/libvncserver/issues/243>
-<https://github.com/LibVNC/libvncserver/issues/273>
-[Retrieved from:
-https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- libvncserver/rfbserver.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 7af84906..f2edbeea 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -88,6 +88,8 @@
- #include <errno.h>
- /* strftime() */
- #include <time.h>
-+/* INT_MAX */
-+#include <limits.h>
-
- #ifdef LIBVNCSERVER_WITH_WEBSOCKETS
- #include "rfbssl.h"
-@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length)
- 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF
- will safely be allocated since this check will never trigger and malloc() can digest length+1
- without problems as length is a uint32_t.
-+ We also later pass length to rfbReadExact() that expects a signed int type and
-+ that might wrap on platforms with a 32-bit int type if length is bigger
-+ than 0X7FFFFFFF.
- */
-- if(length == SIZE_MAX) {
-+ if(length == SIZE_MAX || length > INT_MAX) {
- rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length);
- rfbCloseClient(cl);
- return NULL;
+++ /dev/null
-From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Mon, 19 Aug 2019 22:32:25 +0200
-Subject: [PATCH] rfbserver: don't leak stack memory to the remote
-
-Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
-[Retrieved from:
-https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- libvncserver/rfbserver.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 3bacc891..310e5487 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
- rfbServerCutTextMsg sct;
- rfbClientIteratorPtr iterator;
-
-+ memset((char *)&sct, 0, sizeof(sct));
-+
- iterator = rfbGetClientIterator(rfbScreen);
- while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
- sct.type = rfbServerCutText;
+++ /dev/null
-From 8f58a9d9f35e6b893b54b399be357bc789f6e630 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Sun, 8 Mar 2020 10:36:57 +0100
-Subject: [PATCH] CMakeLists.txt: don't build tight.c without png or zlib
-
-If the user enables JPEG and disable PNG and ZLIB, build will fail on:
-
-[ 42%] Building C object CMakeFiles/vncserver.dir/libvncserver/ws_decode.c.o
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c: In function 'rfbSendRectEncodingTight':
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c:276:7: error: 'struct _rfbClientRec' has no member named 'tightEncoding'
- cl->tightEncoding = rfbEncodingTight;
- ^~
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c: In function 'rfbSendRectEncodingTightPng':
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c:287:7: error: 'struct _rfbClientRec' has no member named 'tightEncoding'
- cl->tightEncoding = rfbEncodingTightPng;
- ^~
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c: In function 'SendRectEncodingTight':
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c:307:23: error: 'struct _rfbClientRec' has no member named 'tightCompressLevel'
- compressLevel = cl->tightCompressLevel;
- ^~
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c:308:22: error: 'struct _rfbClientRec' has no member named 'turboQualityLevel'
- qualityLevel = cl->turboQualityLevel;
- ^~
-/nvmedata/autobuild/instance-3/output-1/build/libvncserver-0.9.12/libvncserver/tight.c:309:22: error: 'struct _rfbClientRec' has no member named 'turboSubsampLevel'
- subsampLevel = cl->turboSubsampLevel;
- ^~
-
-Fixes:
- - http://autobuild.buildroot.org/results/bcc701055dd5876005fa6f78f38500399394cd75
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: https://github.com/LibVNC/libvncserver/pull/380]
----
- CMakeLists.txt | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/CMakeLists.txt b/CMakeLists.txt
-index 2a2cb15..b8bc9e2 100644
---- a/CMakeLists.txt
-+++ b/CMakeLists.txt
-@@ -425,7 +425,9 @@ endif()
- if(JPEG_FOUND)
- add_definitions(-DLIBVNCSERVER_HAVE_LIBJPEG)
- include_directories(${JPEG_INCLUDE_DIR})
-- set(TIGHT_C ${LIBVNCSERVER_DIR}/tight.c ${COMMON_DIR}/turbojpeg.c)
-+ if(PNG_FOUND OR ZLIB_FOUND)
-+ set(TIGHT_C ${LIBVNCSERVER_DIR}/tight.c ${COMMON_DIR}/turbojpeg.c)
-+ endif(PNG_FOUND OR ZLIB_FOUND)
- endif(JPEG_FOUND)
-
- if(PNG_FOUND)
---
-2.25.0
-
+++ /dev/null
-From 54220248886b5001fbbb9fa73c4e1a2cb9413fed Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Sun, 17 Nov 2019 17:18:35 +0100
-Subject: [PATCH] libvncclient/cursor: limit width/height input values
-
-Avoids a possible heap overflow reported by Pavel Cheremushkin
-<Pavel.Cheremushkin@kaspersky.com>.
-
-re #275
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Retrieved from:
-https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed]
----
- libvncclient/cursor.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libvncclient/cursor.c b/libvncclient/cursor.c
-index 67f45726..40ffb3b0 100644
---- a/libvncclient/cursor.c
-+++ b/libvncclient/cursor.c
-@@ -28,6 +28,8 @@
- #define OPER_SAVE 0
- #define OPER_RESTORE 1
-
-+#define MAX_CURSOR_SIZE 1024
-+
- #define RGB24_TO_PIXEL(bpp,r,g,b) \
- ((((uint##bpp##_t)(r) & 0xFF) * client->format.redMax + 127) / 255 \
- << client->format.redShift | \
-@@ -54,6 +56,9 @@ rfbBool HandleCursorShape(rfbClient* client,int xhot, int yhot, int width, int h
- if (width * height == 0)
- return TRUE;
-
-+ if (width >= MAX_CURSOR_SIZE || height >= MAX_CURSOR_SIZE)
-+ return FALSE;
-+
- /* Allocate memory for pixel data and temporary mask data. */
- if(client->rcSource)
- free(client->rcSource);
# Locally computed:
-sha256 33cbbb4e15bb390f723c311b323cef4a43bcf781984f92d92adda3243a116136 LibVNCServer-0.9.12.tar.gz
+sha256 0ae5bb9175dc0a602fe85c1cf591ac47ee5247b87f2bf164c16b05f87cbfa81a LibVNCServer-0.9.13.tar.gz
sha256 4d23c8c814e5baf007d854f01d8502e77dc56a41144934e003fb32c4e052d20f COPYING
#
################################################################################
-LIBVNCSERVER_VERSION = 0.9.12
+LIBVNCSERVER_VERSION = 0.9.13
LIBVNCSERVER_SOURCE = LibVNCServer-$(LIBVNCSERVER_VERSION).tar.gz
LIBVNCSERVER_SITE = https://github.com/LibVNC/libvncserver/archive
LIBVNCSERVER_LICENSE = GPL-2.0+
LIBVNCSERVER_DEPENDENCIES = host-pkgconf lzo
LIBVNCSERVER_CONF_OPTS = -DWITH_LZO=ON
-# 0003-Limit-lenght-to-INT_MAX-bytes-in-rfbProcessFileTransferReadBuffer.patch
-LIBVNCSERVER_IGNORE_CVES += CVE-2018-20750
-
-# 0004-rfbserver-don-t-leak-stack-memory-to-the-remote.patch
-LIBVNCSERVER_IGNORE_CVES += CVE-2019-15681
-
-# 0006-libvncclient-cursor-limit-width-height-input-values.patch
-LIBVNCSERVER_IGNORE_CVES += CVE-2019-20788
-
# only used for examples
LIBVNCSERVER_CONF_OPTS += \
-DWITH_FFMPEG=OFF \
projects / buildroot.git / commitdiff