commit: 93ea1f0d442364cab3392a99672ff650530abff5
Author: Johannes Huber <johu <AT> gentoo <DOT> org>
AuthorDate: Thu Jul 31 18:40:33 2014 +0000
Commit: Johannes Huber <johu <AT> gentoo <DOT> org>
CommitDate: Thu Jul 31 18:40:33 2014 +0000
URL:
http://git.overlays.gentoo.org/gitweb/?p=proj/kde.git;a=commit;h=93ea1f0d
[kde-base/krfb] Unbundle libvncserver, bug #515276
Package-Manager: portage-2.2.10
---
....14.0-CVE-2014-4607-unbundle-libvncserver.patch | 133 +++++++++++++++++++++
...{krfb-4.13.95.ebuild => krfb-4.13.95-r1.ebuild} | 3 +
kde-base/krfb/krfb-4.14.49.9999.ebuild | 3 +
3 files changed, 139 insertions(+)
diff --git
a/kde-base/krfb/files/krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch
b/kde-base/krfb/files/krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch
new file mode 100644
index 0000000..202519b
--- /dev/null
+++ b/kde-base/krfb/files/krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch
@@ -0,0 +1,133 @@
+From 766fc7694a58b7e01c003356db94276f07b791b5 Mon Sep 17 00:00:00 2001
+From: Johannes Huber <[email protected]>
+Date: Thu, 31 Jul 2014 19:41:01 +0200
+Subject: [PATCH] CVE-2014-4607: Unbundle libvncserver
+
+http://seclists.org/oss-sec/2014/q2/676
+
+REVIEW: 119548
+---
+ CMakeLists.txt | 7 +++---
+ cmake/modules/FindLibVNCServer.cmake | 41 ++++++++++++++++++++++++++++++++++++
+ krfb/CMakeLists.txt | 2 ++
+ krfb/rfb.h | 2 +-
+ 4 files changed, 47 insertions(+), 5 deletions(-)
+ create mode 100644 cmake/modules/FindLibVNCServer.cmake
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 4aa24dd..0b29da0 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -32,6 +32,8 @@ set(CMAKE_MODULE_PATH
+ ${CMAKE_MODULE_PATH}
+ )
+
++find_package(LibVNCServer REQUIRED)
++
+ macro_optional_find_package(TelepathyQt4)
+ macro_log_feature(TelepathyQt4_FOUND "telepathy-qt" "Telepathy Qt Bindings"
"http://telepathy.freedesktop.org"; FALSE "0.9" "Needed to build Telepathy Tubes
support.")
+
+@@ -44,8 +46,6 @@ macro_bool_to_01(X11_XShm_FOUND HAVE_XSHM)
+ include_directories ("${CMAKE_CURRENT_BINARY_DIR}/krfb"
+ "${CMAKE_CURRENT_SOURCE_DIR}/krfb"
+ "${CMAKE_CURRENT_SOURCE_DIR}/krfb/ui"
+- "${CMAKE_CURRENT_SOURCE_DIR}/libvncserver/"
+- "${CMAKE_CURRENT_BINARY_DIR}/libvncserver/"
+ )
+
+ if(Q_WS_X11)
+@@ -54,9 +54,8 @@ if(Q_WS_X11)
+ endif(NOT X11_XTest_FOUND)
+ endif(Q_WS_X11)
+
+-add_subdirectory(libvncserver)
+ add_subdirectory(krfb)
+-add_subdirectory (framebuffers)
++add_subdirectory(framebuffers)
+ add_subdirectory(doc)
+
+ if (NOT INSIDE_KDENETWORK)
+diff --git a/cmake/modules/FindLibVNCServer.cmake
b/cmake/modules/FindLibVNCServer.cmake
+new file mode 100644
+index 0000000..5927ab2
+--- /dev/null
++++ b/cmake/modules/FindLibVNCServer.cmake
+@@ -0,0 +1,41 @@
++# cmake macro to test LIBVNCSERVER LIB
++
++# Copyright (c) 2006, Alessandro Praduroux <[email protected]>
++# Copyright (c) 2007, Urs Wolfer <uwolfer @ kde.org>
++#
++# Redistribution and use is allowed according to the terms of the BSD license.
++# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
++
++INCLUDE(CheckPointerMember)
++
++IF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
++ # Already in cache, be silent
++ SET(LIBVNCSERVER_FIND_QUIETLY TRUE)
++ENDIF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
++
++FIND_PATH(LIBVNCSERVER_INCLUDE_DIR rfb/rfb.h)
++
++FIND_LIBRARY(LIBVNCSERVER_LIBRARIES NAMES vncserver libvncserver)
++
++# libvncserver and libvncclient are in the same package, so it does
++# not make sense to add a new cmake script for finding libvncclient.
++# instead just find the libvncclient also in this file.
++FIND_PATH(LIBVNCCLIENT_INCLUDE_DIR rfb/rfbclient.h)
++FIND_LIBRARY(LIBVNCCLIENT_LIBRARIES NAMES vncclient libvncclient)
++
++IF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
++ SET(CMAKE_REQUIRED_INCLUDES "${LIBVNCSERVER_INCLUDE_DIR}"
"${CMAKE_REQUIRED_INCLUDES}")
++ CHECK_POINTER_MEMBER(rfbClient* GotXCutText rfb/rfbclient.h
LIBVNCSERVER_FOUND)
++ENDIF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
++
++IF (LIBVNCSERVER_FOUND)
++ IF (NOT LIBVNCSERVER_FIND_QUIETLY)
++ MESSAGE(STATUS "Found LibVNCServer: ${LIBVNCSERVER_LIBRARIES}")
++ ENDIF (NOT LIBVNCSERVER_FIND_QUIETLY)
++ELSE (LIBVNCSERVER_FOUND)
++ IF (LIBVNCSERVER_FIND_REQUIRED)
++ MESSAGE(FATAL_ERROR "Could NOT find acceptable version of LibVNCServer
(version 0.9 or later required).")
++ ENDIF (LIBVNCSERVER_FIND_REQUIRED)
++ENDIF (LIBVNCSERVER_FOUND)
++
++MARK_AS_ADVANCED(LIBVNCSERVER_INCLUDE_DIR LIBVNCSERVER_LIBRARIES)
+\ No newline at end of file
+diff --git a/krfb/CMakeLists.txt b/krfb/CMakeLists.txt
+index a65eea8..100b49b 100644
+--- a/krfb/CMakeLists.txt
++++ b/krfb/CMakeLists.txt
+@@ -20,6 +20,7 @@ target_link_libraries (krfbprivate
+ ${QT_QTCORE_LIBRARY}
+ ${QT_QTGUI_LIBRARY}
+ ${X11_X11_LIB}
++ ${LIBVNCSERVER_LIBRARIES}
+ )
+
+ set_target_properties (krfbprivate PROPERTIES
+@@ -103,6 +104,7 @@ target_link_libraries (krfb
+ ${QT_QTNETWORK_LIBRARY}
+ ${KDE4_KDNSSD_LIBS}
+ ${KDE4_KDEUI_LIBS}
++ ${LIBVNCSERVER_LIBRARIES}
+ )
+
+ if(TelepathyQt4_FOUND)
+diff --git a/krfb/rfb.h b/krfb/rfb.h
+index 40308a2..fa94eda 100644
+--- a/krfb/rfb.h
++++ b/krfb/rfb.h
+@@ -6,7 +6,7 @@
+ #ifndef KRFB_RFB_H
+ #define KRFB_RFB_H
+
+-#include "../libvncserver/rfb/rfb.h"
++#include "rfb/rfb.h"
+
+ #undef TRUE
+ #undef FALSE
+--
+2.0.2
+
diff --git a/kde-base/krfb/krfb-4.13.95.ebuild
b/kde-base/krfb/krfb-4.13.95-r1.ebuild
similarity index 85%
rename from kde-base/krfb/krfb-4.13.95.ebuild
rename to kde-base/krfb/krfb-4.13.95-r1.ebuild
index 418905e..6030a3a 100644
--- a/kde-base/krfb/krfb-4.13.95.ebuild
+++ b/kde-base/krfb/krfb-4.13.95-r1.ebuild
@@ -13,6 +13,7 @@ KEYWORDS="~amd64 ~x86 ~amd64-linux ~x86-linux"
IUSE="debug telepathy"
DEPEND="
+ >=net-libs/libvncserver-0.9.9
sys-libs/zlib
virtual/jpeg:0
!aqua? (
@@ -25,6 +26,8 @@ DEPEND="
"
RDEPEND="${DEPEND}"
+PATCHES=( "${FILESDIR}/${PN}-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch"
)
+
src_configure() {
local mycmakeargs=(
$(cmake-utils_use_with telepathy TelepathyQt4)
diff --git a/kde-base/krfb/krfb-4.14.49.9999.ebuild
b/kde-base/krfb/krfb-4.14.49.9999.ebuild
index b6b6d7b..7840cdd 100644
--- a/kde-base/krfb/krfb-4.14.49.9999.ebuild
+++ b/kde-base/krfb/krfb-4.14.49.9999.ebuild
@@ -13,6 +13,7 @@ KEYWORDS=""
IUSE="debug telepathy"
DEPEND="
+ >=net-libs/libvncserver-0.9.9
sys-libs/zlib
virtual/jpeg:0
!aqua? (
@@ -25,6 +26,8 @@ DEPEND="
"
RDEPEND="${DEPEND}"
+PATCHES=( "${FILESDIR}/${PN}-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch"
)
+
src_configure() {
local mycmakeargs=(
$(cmake-utils_use_with telepathy TelepathyQt4)
