Hello community, here is the log from the commit of package tigervnc for openSUSE:Leap:15.2 checked in at 2020-06-01 12:09:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/tigervnc (Old) and /work/SRC/openSUSE:Leap:15.2/.tigervnc.new.3606 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tigervnc" Mon Jun 1 12:09:32 2020 rev:58 rq:810182 version:1.9.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/tigervnc/tigervnc.changes 2020-01-23 09:20:27.738686698 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.tigervnc.new.3606/tigervnc.changes 2020-06-01 12:09:33.666387554 +0200 @@ -1,0 +2,7 @@ +Wed May 13 13:02:11 UTC 2020 - Stefan Dirsch <sndir...@suse.com> + +- U_Avoid-potential-crash-when-replacing-buffer-in-Plain.patch + * fixes crash in free() when using "-f" option of vncpasswd + command (bsc#1171519) + +------------------------------------------------------------------- New: ---- U_Avoid-potential-crash-when-replacing-buffer-in-Plain.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ tigervnc.spec ++++++ --- /var/tmp/diff_new_pack.HZjb7Z/_old 2020-06-01 12:09:34.642390622 +0200 +++ /var/tmp/diff_new_pack.HZjb7Z/_new 2020-06-01 12:09:34.646390635 +0200 @@ -152,6 +152,7 @@ Patch31: 0011-Be-defensive-about-overflows-in-stream-objects.patch Patch32: 0012-Add-unit-tests-for-PixelFormat.is888-detection.patch Patch33: 0013-Handle-pixel-formats-with-odd-shift-values.patch +Patch40: U_Avoid-potential-crash-when-replacing-buffer-in-Plain.patch %description TigerVNC is an implementation of VNC (Virtual Network Computing), a @@ -283,6 +284,7 @@ %patch31 -p1 %patch32 -p1 %patch33 -p1 +%patch40 -p1 pushd unix/xserver patch -p1 < ../xserver120.patch ++++++ U_Avoid-potential-crash-when-replacing-buffer-in-Plain.patch ++++++ >From a752d8fd7a0622e11dda72f690d4fea8cb913178 Mon Sep 17 00:00:00 2001 From: Jan Grulich <jgrul...@redhat.com> Date: Mon, 1 Oct 2018 10:17:20 +0200 Subject: [PATCH 1/5] Avoid potential crash when replacing buffer in PlainPasswd --- common/rfb/util.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common/rfb/util.h b/common/rfb/util.h index b678b890..9e59bd37 100644 --- a/common/rfb/util.h +++ b/common/rfb/util.h @@ -50,7 +50,7 @@ namespace rfb { CharArray() : buf(0) {} CharArray(char* str) : buf(str) {} // note: assumes ownership CharArray(size_t len) { - buf = new char[len]; + buf = new char[len](); } ~CharArray() { delete [] buf; -- 2.16.4