commit: a5bc185da4d9674b76402066960137ad108601e2 Author: orbea <orbea <AT> riseup <DOT> net> AuthorDate: Fri Oct 7 18:16:01 2022 +0000 Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com> CommitDate: Fri Oct 7 21:11:15 2022 +0000 URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=a5bc185d
net-libs/libvncserver: Add 0.9.13-r1 Signed-off-by: orbea <orbea <AT> riseup.net> Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com> .../files/libvncserver-0.9.13-CVE-2020-29260.patch | 27 ++++++++++++++++++++++ ...0.9.13.ebuild => libvncserver-0.9.13-r1.ebuild} | 7 +++--- 2 files changed, 31 insertions(+), 3 deletions(-) diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch new file mode 100644 index 0000000..23ffed8 --- /dev/null +++ b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch @@ -0,0 +1,27 @@ +From bef41f6ec4097a8ee094f90a1b34a708fbd757ec Mon Sep 17 00:00:00 2001 +From: Christian Beier <[email protected]> +Date: Sat, 21 Nov 2020 12:52:31 +0100 +Subject: [PATCH] libvncclient: free vncRec memory in rfbClientCleanup() + +Otherwise we leak memory. Spotted by Ramin Farajpour Cami +<[email protected]>, thanks! +--- + libvncclient/vncviewer.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c +index d6b91f02..0a1bdcf6 100644 +--- a/libvncclient/vncviewer.c ++++ b/libvncclient/vncviewer.c +@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client) { + client->clientData = next; + } + ++ free(client->vncRec); ++ + if (client->sock != RFB_INVALID_SOCKET) + rfbCloseSocket(client->sock); + if (client->listenSock != RFB_INVALID_SOCKET) +-- +2.35.1 + diff --git a/net-libs/libvncserver/libvncserver-0.9.13.ebuild b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild similarity index 94% rename from net-libs/libvncserver/libvncserver-0.9.13.ebuild rename to net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild index 7fbb4db..99acceb 100644 --- a/net-libs/libvncserver/libvncserver-0.9.13.ebuild +++ b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild @@ -1,7 +1,7 @@ -# Copyright 1999-2021 Gentoo Authors +# Copyright 1999-2022 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 -EAPI=7 +EAPI=8 inherit cmake @@ -36,7 +36,7 @@ DEPEND=" ) gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= ) ) - jpeg? ( >=virtual/jpeg-0-r2:0 ) + jpeg? ( media-libs/libjpeg-turbo:= ) lzo? ( dev-libs/lzo ) png? ( >=media-libs/libpng-1.6.10:0= ) sasl? ( dev-libs/cyrus-sasl ) @@ -50,6 +50,7 @@ DOCS=( AUTHORS ChangeLog NEWS.md README.md TODO.md ) PATCHES=( "${FILESDIR}"/${P}-test-fix-includetest.patch "${FILESDIR}"/${P}-test-fix-tjunittest.patch + "${FILESDIR}"/${P}-CVE-2020-29260.patch "${FILESDIR}"/${P}-libressl.patch )
