1 |
johu 14/07/31 20:46:59 |
2 |
|
3 |
Added: |
4 |
krfb-4.12.5-CVE-2014-4607-unbundle-libvncserver.patch |
5 |
Log: |
6 |
Revision bump unbundles libvncserver, bug #515276. |
7 |
|
8 |
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key F3CFD2BD) |
9 |
|
10 |
Revision Changes Path |
11 |
1.1 kde-base/krfb/files/krfb-4.12.5-CVE-2014-4607-unbundle-libvncserver.patch |
12 |
|
13 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-base/krfb/files/krfb-4.12.5-CVE-2014-4607-unbundle-libvncserver.patch?rev=1.1&view=markup |
14 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-base/krfb/files/krfb-4.12.5-CVE-2014-4607-unbundle-libvncserver.patch?rev=1.1&content-type=text/plain |
15 |
|
16 |
Index: krfb-4.12.5-CVE-2014-4607-unbundle-libvncserver.patch |
17 |
=================================================================== |
18 |
From 08f7c0c3d122f6096408007a0ac44c586c1c36b7 Mon Sep 17 00:00:00 2001 |
19 |
From: Johannes Huber <johu@g.o> |
20 |
Date: Thu, 31 Jul 2014 19:41:01 +0200 |
21 |
Subject: [PATCH] CVE-2014-4607: Unbundle libvncserver |
22 |
|
23 |
http://seclists.org/oss-sec/2014/q2/676 |
24 |
|
25 |
REVIEW: 119548 |
26 |
--- |
27 |
CMakeLists.txt | 12 +++++++---- |
28 |
cmake/modules/FindLibVNCServer.cmake | 41 ++++++++++++++++++++++++++++++++++++ |
29 |
krfb/CMakeLists.txt | 2 ++ |
30 |
krfb/rfb.h | 2 +- |
31 |
4 files changed, 52 insertions(+), 5 deletions(-) |
32 |
create mode 100644 cmake/modules/FindLibVNCServer.cmake |
33 |
|
34 |
diff --git a/CMakeLists.txt b/CMakeLists.txt |
35 |
index 78c19b3..7b0af64 100644 |
36 |
--- a/CMakeLists.txt |
37 |
+++ b/CMakeLists.txt |
38 |
@@ -26,6 +26,13 @@ if(NOT INSIDE_KDENETWORK) |
39 |
include_directories(${CMAKE_SOURCE_DIR} ${CMAKE_BINARY_DIR} ${KDE4_INCLUDES}) |
40 |
endif(NOT INSIDE_KDENETWORK) |
41 |
|
42 |
+set(CMAKE_MODULE_PATH |
43 |
+ "${CMAKE_CURRENT_SOURCE_DIR}/cmake/modules" |
44 |
+ ${CMAKE_MODULE_PATH} |
45 |
+) |
46 |
+ |
47 |
+find_package(LibVNCServer REQUIRED) |
48 |
+ |
49 |
macro_optional_find_package(TelepathyQt4) |
50 |
macro_log_feature(TelepathyQt4_FOUND "telepathy-qt" "Telepathy Qt Bindings" "http://telepathy.freedesktop.org" FALSE "0.9" "Needed to build Telepathy Tubes support.") |
51 |
|
52 |
@@ -35,8 +42,6 @@ macro_bool_to_01(X11_XShm_FOUND HAVE_XSHM) |
53 |
include_directories ("${CMAKE_CURRENT_BINARY_DIR}/krfb" |
54 |
"${CMAKE_CURRENT_SOURCE_DIR}/krfb" |
55 |
"${CMAKE_CURRENT_SOURCE_DIR}/krfb/ui" |
56 |
- "${CMAKE_CURRENT_SOURCE_DIR}/libvncserver/" |
57 |
- "${CMAKE_CURRENT_BINARY_DIR}/libvncserver/" |
58 |
) |
59 |
|
60 |
if(Q_WS_X11) |
61 |
@@ -45,9 +50,8 @@ if(Q_WS_X11) |
62 |
endif(NOT X11_XTest_FOUND) |
63 |
endif(Q_WS_X11) |
64 |
|
65 |
-add_subdirectory(libvncserver) |
66 |
add_subdirectory(krfb) |
67 |
-add_subdirectory (framebuffers) |
68 |
+add_subdirectory(framebuffers) |
69 |
add_subdirectory(doc) |
70 |
|
71 |
if (NOT INSIDE_KDENETWORK) |
72 |
diff --git a/cmake/modules/FindLibVNCServer.cmake b/cmake/modules/FindLibVNCServer.cmake |
73 |
new file mode 100644 |
74 |
index 0000000..5927ab2 |
75 |
--- /dev/null |
76 |
+++ b/cmake/modules/FindLibVNCServer.cmake |
77 |
@@ -0,0 +1,41 @@ |
78 |
+# cmake macro to test LIBVNCSERVER LIB |
79 |
+ |
80 |
+# Copyright (c) 2006, Alessandro Praduroux <pradu@×××××.it> |
81 |
+# Copyright (c) 2007, Urs Wolfer <uwolfer @ kde.org> |
82 |
+# |
83 |
+# Redistribution and use is allowed according to the terms of the BSD license. |
84 |
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file. |
85 |
+ |
86 |
+INCLUDE(CheckPointerMember) |
87 |
+ |
88 |
+IF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES) |
89 |
+ # Already in cache, be silent |
90 |
+ SET(LIBVNCSERVER_FIND_QUIETLY TRUE) |
91 |
+ENDIF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES) |
92 |
+ |
93 |
+FIND_PATH(LIBVNCSERVER_INCLUDE_DIR rfb/rfb.h) |
94 |
+ |
95 |
+FIND_LIBRARY(LIBVNCSERVER_LIBRARIES NAMES vncserver libvncserver) |
96 |
+ |
97 |
+# libvncserver and libvncclient are in the same package, so it does |
98 |
+# not make sense to add a new cmake script for finding libvncclient. |
99 |
+# instead just find the libvncclient also in this file. |
100 |
+FIND_PATH(LIBVNCCLIENT_INCLUDE_DIR rfb/rfbclient.h) |
101 |
+FIND_LIBRARY(LIBVNCCLIENT_LIBRARIES NAMES vncclient libvncclient) |
102 |
+ |
103 |
+IF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES) |
104 |
+ SET(CMAKE_REQUIRED_INCLUDES "${LIBVNCSERVER_INCLUDE_DIR}" "${CMAKE_REQUIRED_INCLUDES}") |
105 |
+ CHECK_POINTER_MEMBER(rfbClient* GotXCutText rfb/rfbclient.h LIBVNCSERVER_FOUND) |
106 |
+ENDIF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES) |
107 |
+ |
108 |
+IF (LIBVNCSERVER_FOUND) |
109 |
+ IF (NOT LIBVNCSERVER_FIND_QUIETLY) |
110 |
+ MESSAGE(STATUS "Found LibVNCServer: ${LIBVNCSERVER_LIBRARIES}") |
111 |
+ ENDIF (NOT LIBVNCSERVER_FIND_QUIETLY) |
112 |
+ELSE (LIBVNCSERVER_FOUND) |
113 |
+ IF (LIBVNCSERVER_FIND_REQUIRED) |
114 |
+ MESSAGE(FATAL_ERROR "Could NOT find acceptable version of LibVNCServer (version 0.9 or later required).") |
115 |
+ ENDIF (LIBVNCSERVER_FIND_REQUIRED) |
116 |
+ENDIF (LIBVNCSERVER_FOUND) |
117 |
+ |
118 |
+MARK_AS_ADVANCED(LIBVNCSERVER_INCLUDE_DIR LIBVNCSERVER_LIBRARIES) |
119 |
\ No newline at end of file |
120 |
diff --git a/krfb/CMakeLists.txt b/krfb/CMakeLists.txt |
121 |
index bbc508d..08ee30c 100644 |
122 |
--- a/krfb/CMakeLists.txt |
123 |
+++ b/krfb/CMakeLists.txt |
124 |
@@ -20,6 +20,7 @@ target_link_libraries (krfbprivate |
125 |
${QT_QTCORE_LIBRARY} |
126 |
${QT_QTGUI_LIBRARY} |
127 |
${X11_X11_LIB} |
128 |
+ ${LIBVNCSERVER_LIBRARIES} |
129 |
) |
130 |
|
131 |
set_target_properties (krfbprivate PROPERTIES |
132 |
@@ -104,6 +105,7 @@ target_link_libraries (krfb |
133 |
${QT_QTNETWORK_LIBRARY} |
134 |
${KDE4_KDNSSD_LIBS} |
135 |
${KDE4_KDEUI_LIBS} |
136 |
+ ${LIBVNCSERVER_LIBRARIES} |
137 |
) |
138 |
|
139 |
if(TelepathyQt4_FOUND) |
140 |
diff --git a/krfb/rfb.h b/krfb/rfb.h |
141 |
index 40308a2..fa94eda 100644 |
142 |
--- a/krfb/rfb.h |
143 |
+++ b/krfb/rfb.h |
144 |
@@ -6,7 +6,7 @@ |
145 |
#ifndef KRFB_RFB_H |
146 |
#define KRFB_RFB_H |
147 |
|
148 |
-#include "../libvncserver/rfb/rfb.h" |
149 |
+#include "rfb/rfb.h" |
150 |
|
151 |
#undef TRUE |
152 |
#undef FALSE |
153 |
-- |
154 |
2.0.2 |