Details: https://nvd.nist.gov/vuln/detail/CVE-2020-29260
Pick the patch referenced by the NVD report. Signed-off-by: Gyorgy Sarvari <[email protected]> --- .../libvncserver/CVE-2020-29260.patch | 28 +++++++++++++++++++ .../libvncserver/libvncserver_0.9.13.bb | 4 ++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-graphics/libvncserver/libvncserver/CVE-2020-29260.patch diff --git a/meta-oe/recipes-graphics/libvncserver/libvncserver/CVE-2020-29260.patch b/meta-oe/recipes-graphics/libvncserver/libvncserver/CVE-2020-29260.patch new file mode 100644 index 0000000000..c865b8e067 --- /dev/null +++ b/meta-oe/recipes-graphics/libvncserver/libvncserver/CVE-2020-29260.patch @@ -0,0 +1,28 @@ +From 060f7b71c2ae62c2253a387efe27b0593d04a1ae Mon Sep 17 00:00:00 2001 +From: Christian Beier <[email protected]> +Date: Sat, 21 Nov 2020 12:52:31 +0100 +Subject: [PATCH] libvncclient: free vncRec memory in rfbClientCleanup() + +Otherwise we leak memory. Spotted by Ramin Farajpour Cami +<[email protected]>, thanks! + +CVE: CVE-2020-29260 +Upstream-Status: Backport [https://github.com/LibVNC/libvncserver/commit/bef41f6ec4097a8ee094f90a1b34a708fbd757ec] +Signed-off-by: Gyorgy Sarvari <[email protected]> +--- + libvncclient/vncviewer.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c +index d6b91f02..0a1bdcf6 100644 +--- a/libvncclient/vncviewer.c ++++ b/libvncclient/vncviewer.c +@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client) { + client->clientData = next; + } + ++ free(client->vncRec); ++ + if (client->sock != RFB_INVALID_SOCKET) + rfbCloseSocket(client->sock); + if (client->listenSock != RFB_INVALID_SOCKET) diff --git a/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.13.bb b/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.13.bb index 93f6951739..96cf9591b1 100644 --- a/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.13.bb +++ b/meta-oe/recipes-graphics/libvncserver/libvncserver_0.9.13.bb @@ -44,7 +44,9 @@ FILES:libvncclient = "${libdir}/libvncclient.*" inherit cmake -SRC_URI = "git://github.com/LibVNC/libvncserver;branch=master;protocol=https" +SRC_URI = "git://github.com/LibVNC/libvncserver;branch=master;protocol=https \ + file://CVE-2020-29260.patch \ + " SRCREV = "2aa20dad4c23c18948d3f63b33f9dfec1f837729" S = "${WORKDIR}/git"
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123967): https://lists.openembedded.org/g/openembedded-devel/message/123967 Mute This Topic: https://lists.openembedded.org/mt/117503734/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
