summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRaúl Porcel <armin76@gentoo.org>2007-04-11 20:54:38 +0000
committerRaúl Porcel <armin76@gentoo.org>2007-04-11 20:54:38 +0000
commit20f2c447e22684d0ed22655e0b1f9b78a94df585 (patch)
tree91ddc258f11ea6668a2dc08cb563be197122c79c /net-misc/tightvnc
parentTimezone updates. Fixes for the KDE bugs #140624, #140650, #140688 and #143511. (diff)
downloadhistorical-20f2c447e22684d0ed22655e0b1f9b78a94df585.tar.gz
historical-20f2c447e22684d0ed22655e0b1f9b78a94df585.tar.bz2
historical-20f2c447e22684d0ed22655e0b1f9b78a94df585.zip
New security patches from Mandriva, bug 174200
Package-Manager: portage-2.1.2.3
Diffstat (limited to 'net-misc/tightvnc')
-rw-r--r--net-misc/tightvnc/ChangeLog10
-rw-r--r--net-misc/tightvnc/Manifest23
-rw-r--r--net-misc/tightvnc/files/digest-tightvnc-1.2.9-r43
-rw-r--r--net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1003.patch36
-rw-r--r--net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch49
-rw-r--r--net-misc/tightvnc/tightvnc-1.2.9-r4.ebuild112
6 files changed, 228 insertions, 5 deletions
diff --git a/net-misc/tightvnc/ChangeLog b/net-misc/tightvnc/ChangeLog
index 14286a50f30b..8bbd0dda69fd 100644
--- a/net-misc/tightvnc/ChangeLog
+++ b/net-misc/tightvnc/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for net-misc/tightvnc
# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/tightvnc/ChangeLog,v 1.89 2007/02/26 12:39:36 armin76 Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/tightvnc/ChangeLog,v 1.90 2007/04/11 20:54:38 armin76 Exp $
+
+*tightvnc-1.2.9-r4 (11 Apr 2007)
+
+ 11 Apr 2007; Raúl Porcel <armin76@gentoo.org>
+ +files/tightvnc-1.2.9-server-CVE-2007-1003.patch,
+ +files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch,
+ +tightvnc-1.2.9-r4.ebuild:
+ New security patches from Mandriva, bug 174200
26 Feb 2007; Raúl Porcel <armin76@gentoo.org> +files/vncviewer.png,
tightvnc-1.2.9-r3.ebuild, tightvnc-1.3.8.ebuild:
diff --git a/net-misc/tightvnc/Manifest b/net-misc/tightvnc/Manifest
index 5160e70f6bf0..10e511585a04 100644
--- a/net-misc/tightvnc/Manifest
+++ b/net-misc/tightvnc/Manifest
@@ -22,6 +22,14 @@ AUX tightvnc-1.2.9-pathfixes.patch 826 RMD160 bd3f436c816d78892ffa8fe32acdbc8b89
MD5 89eadc2f34995c86c1618b12f95cc246 files/tightvnc-1.2.9-pathfixes.patch 826
RMD160 bd3f436c816d78892ffa8fe32acdbc8b89acb00b files/tightvnc-1.2.9-pathfixes.patch 826
SHA256 717af3ec4fe50b81e37b2efec539d64e5b703d1d63dadd93d819206708b30266 files/tightvnc-1.2.9-pathfixes.patch 826
+AUX tightvnc-1.2.9-server-CVE-2007-1003.patch 1062 RMD160 c7a21dc431924e0d430e4fd1a76e57a0f8564bb6 SHA1 2ed68d40c91eac77eaf6cf617bfe5aaa4912923a SHA256 4c1eda952e06e954e296a4abf304746b32a7ec45f6bdffb9f0adc0b2d692d6d2
+MD5 f5e037eda8045951919bedc3bf618723 files/tightvnc-1.2.9-server-CVE-2007-1003.patch 1062
+RMD160 c7a21dc431924e0d430e4fd1a76e57a0f8564bb6 files/tightvnc-1.2.9-server-CVE-2007-1003.patch 1062
+SHA256 4c1eda952e06e954e296a4abf304746b32a7ec45f6bdffb9f0adc0b2d692d6d2 files/tightvnc-1.2.9-server-CVE-2007-1003.patch 1062
+AUX tightvnc-1.2.9-server-CVE-2007-1351-1352.patch 1556 RMD160 7e801c3afc71c81ce7225e37810871004f718a8a SHA1 005e56e2d992369a56792726c2c45c85831c98b0 SHA256 9bf98f6dfcf375edb7602ceb25df1d2fad902ae2f8aa24e516ef4b27b5246a84
+MD5 3fecce8a0d2526997335381c1cbbce54 files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch 1556
+RMD160 7e801c3afc71c81ce7225e37810871004f718a8a files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch 1556
+SHA256 9bf98f6dfcf375edb7602ceb25df1d2fad902ae2f8aa24e516ef4b27b5246a84 files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch 1556
AUX tightvnc-1.3.8-amd64.patch 5278 RMD160 555b78e36df77b721699652cc085c037a6d47111 SHA1 125e4c6a7334935bb9e9cf46291b1f1abade98b1 SHA256 e29ad675941ef90a2ef13095e950a63fd67134c9b6ed1cf44a7aa83342c645a9
MD5 dc6cc8160bc641c7f0907473e1400f6c files/tightvnc-1.3.8-amd64.patch 5278
RMD160 555b78e36df77b721699652cc085c037a6d47111 files/tightvnc-1.3.8-amd64.patch 5278
@@ -60,14 +68,18 @@ EBUILD tightvnc-1.2.9-r3.ebuild 2872 RMD160 ebac825b740010b85b1faf3b61d4f131c0e9
MD5 cd1f16c55e6f5b44ac0c35290f7b616c tightvnc-1.2.9-r3.ebuild 2872
RMD160 ebac825b740010b85b1faf3b61d4f131c0e9c35e tightvnc-1.2.9-r3.ebuild 2872
SHA256 744bf69b2c424b539ef1377da1469984ae5e21b1a0395725885bacaa9f1312ac tightvnc-1.2.9-r3.ebuild 2872
+EBUILD tightvnc-1.2.9-r4.ebuild 2990 RMD160 d1972d3a657d7d9d30ed4b25296f8535d202e55f SHA1 681685399ddc0d76d2b108fef009d6672907d0e1 SHA256 80c3e826d4464a0bb87d04e24203e7d651b5bd4682d27939800592b47f547026
+MD5 70c85456e410b1a8eb428181e60fe141 tightvnc-1.2.9-r4.ebuild 2990
+RMD160 d1972d3a657d7d9d30ed4b25296f8535d202e55f tightvnc-1.2.9-r4.ebuild 2990
+SHA256 80c3e826d4464a0bb87d04e24203e7d651b5bd4682d27939800592b47f547026 tightvnc-1.2.9-r4.ebuild 2990
EBUILD tightvnc-1.3.8.ebuild 2810 RMD160 c45331235e43bd9f9424f283146985ec9209a644 SHA1 dc53fb825df98c66336d8a9b45d0d416a2004184 SHA256 5010decbe93a40bcf531ec486fe8cc244c981063a1fab7f2773d3cd044206d52
MD5 e2f917cc9b2ce75c79c2b793b722d140 tightvnc-1.3.8.ebuild 2810
RMD160 c45331235e43bd9f9424f283146985ec9209a644 tightvnc-1.3.8.ebuild 2810
SHA256 5010decbe93a40bcf531ec486fe8cc244c981063a1fab7f2773d3cd044206d52 tightvnc-1.3.8.ebuild 2810
-MISC ChangeLog 13420 RMD160 93e7cb3268e93815d72c3f46cf2016bb8bd0a707 SHA1 ce3f8774b4aa80fa91c97d6fc63b5bd870f63cbd SHA256 7ce60e87b06789f7f2502b7536a991b2b082dc7ede938b1b8b1994607a2a0bff
-MD5 41bb136522b743287611e9636016af69 ChangeLog 13420
-RMD160 93e7cb3268e93815d72c3f46cf2016bb8bd0a707 ChangeLog 13420
-SHA256 7ce60e87b06789f7f2502b7536a991b2b082dc7ede938b1b8b1994607a2a0bff ChangeLog 13420
+MISC ChangeLog 13691 RMD160 3bdf0d79a0faf802bc3497cd2eaff409a3eebbd8 SHA1 8633a0b19edcbe0b2acc6feec7b1489fdc4f0312 SHA256 4feadec315210d35971ad8c24fa185ac8642264745cf7e6d02383a806ff959ee
+MD5 4dd9cab4daf47c193d75b7c3bb891ba0 ChangeLog 13691
+RMD160 3bdf0d79a0faf802bc3497cd2eaff409a3eebbd8 ChangeLog 13691
+SHA256 4feadec315210d35971ad8c24fa185ac8642264745cf7e6d02383a806ff959ee ChangeLog 13691
MISC metadata.xml 223 RMD160 f88bcdebf752bcc3933b4159df5d8f9f7d487ca1 SHA1 4a17e70b26b3bba2ec6eddb403ff890bb8bcf13f SHA256 98c023870e5fbbcc4f050a192947b7b6bbd239041c9f921b3fbf64b03523019f
MD5 038a74c1f0dc742c6df70730348c240a metadata.xml 223
RMD160 f88bcdebf752bcc3933b4159df5d8f9f7d487ca1 metadata.xml 223
@@ -75,6 +87,9 @@ SHA256 98c023870e5fbbcc4f050a192947b7b6bbd239041c9f921b3fbf64b03523019f metadata
MD5 31a483eed14190f8cd911b0d05521431 files/digest-tightvnc-1.2.9-r3 274
RMD160 c998a7ff40fb44c186f7089d877a68b8e33a4a06 files/digest-tightvnc-1.2.9-r3 274
SHA256 c7b13ad35c4b2e2bde6a2fcb01b6ad276384a265613a35ee739c2a3f0c2e3ea3 files/digest-tightvnc-1.2.9-r3 274
+MD5 31a483eed14190f8cd911b0d05521431 files/digest-tightvnc-1.2.9-r4 274
+RMD160 c998a7ff40fb44c186f7089d877a68b8e33a4a06 files/digest-tightvnc-1.2.9-r4 274
+SHA256 c7b13ad35c4b2e2bde6a2fcb01b6ad276384a265613a35ee739c2a3f0c2e3ea3 files/digest-tightvnc-1.2.9-r4 274
MD5 bfe15238bfcba463b0abf4e830dbc177 files/digest-tightvnc-1.3.8 274
RMD160 da00418fe1031595ec6a5943151b71ac60c5e8cf files/digest-tightvnc-1.3.8 274
SHA256 b5684a8c3ea14d9490e9fe673bb74100da2bd98b86c58dc2332857f4f2885193 files/digest-tightvnc-1.3.8 274
diff --git a/net-misc/tightvnc/files/digest-tightvnc-1.2.9-r4 b/net-misc/tightvnc/files/digest-tightvnc-1.2.9-r4
new file mode 100644
index 000000000000..d72709d4f9b6
--- /dev/null
+++ b/net-misc/tightvnc/files/digest-tightvnc-1.2.9-r4
@@ -0,0 +1,3 @@
+MD5 f804b26c098625e3a2675a0aa7709e31 tightvnc-1.2.9_unixsrc.tar.bz2 1738256
+RMD160 57c4d24bbc008b7188ae4bb177fbb409bc1d26d3 tightvnc-1.2.9_unixsrc.tar.bz2 1738256
+SHA256 c1ba77f832d6c81349f05219802c48b3435cfb6db88f496c9bb08b52b8405548 tightvnc-1.2.9_unixsrc.tar.bz2 1738256
diff --git a/net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1003.patch b/net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1003.patch
new file mode 100644
index 000000000000..0f97c11dc4dc
--- /dev/null
+++ b/net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1003.patch
@@ -0,0 +1,36 @@
+--- vnc_unixsrc/Xvnc/programs/Xserver/Xext/xcmisc.c.cve-2007-1003 2000-06-11 06:00:51.000000000 -0600
++++ vnc_unixsrc/Xvnc/programs/Xserver/Xext/xcmisc.c 2007-03-22 07:07:34.000000000 -0600
+@@ -41,6 +41,12 @@ from the X Consortium.
+ #include "swaprep.h"
+ #include "xcmiscstr.h"
+
++#if HAVE_STDINT_H
++#include <stdint.h>
++#elif !defined(UINT32_MAX)
++#define UINT32_MAX 0xffffffffU
++#endif
++
+ static unsigned char XCMiscCode;
+
+ static void XCMiscResetProc(
+@@ -135,7 +141,10 @@ ProcXCMiscGetXIDList(client)
+
+ REQUEST_SIZE_MATCH(xXCMiscGetXIDListReq);
+
+- pids = (XID *)ALLOCATE_LOCAL(stuff->count * sizeof(XID));
++ if (stuff->count > UINT32_MAX / sizeof(XID))
++ return BadAlloc;
++
++ pids = (XID *)Xalloc(stuff->count * sizeof(XID));
+ if (!pids)
+ {
+ return BadAlloc;
+@@ -156,7 +165,7 @@ ProcXCMiscGetXIDList(client)
+ client->pSwapReplyFunc = (ReplySwapPtr) Swap32Write;
+ WriteSwappedDataToClient(client, count * sizeof(XID), pids);
+ }
+- DEALLOCATE_LOCAL(pids);
++ Xfree(pids);
+ return(client->noClientException);
+ }
+
diff --git a/net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch b/net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch
new file mode 100644
index 000000000000..4c9a1adcb2fd
--- /dev/null
+++ b/net-misc/tightvnc/files/tightvnc-1.2.9-server-CVE-2007-1351-1352.patch
@@ -0,0 +1,49 @@
+--- vnc_unixsrc/Xvnc/lib/font/fontfile/fontdir.c.cve-2007-1351-1352 2000-06-11 06:00:53.000000000 -0600
++++ vnc_unixsrc/Xvnc/lib/font/fontfile/fontdir.c 2007-03-28 16:08:03.000000000 -0600
+@@ -35,11 +35,19 @@ in this Software without prior written a
+ #include "fntfilst.h"
+ #include <X11/keysym.h>
+
++#if HAVE_STDINT_H
++#include <stdint.h>
++#elif !defined(INT32_MAX)
++#define INT32_MAX 0x7fffffff
++#endif
++
+ Bool
+ FontFileInitTable (table, size)
+ FontTablePtr table;
+ int size;
+ {
++ if (size < 0 || (size > INT32_MAX/sizeof(FontEntryRec)))
++ return FALSE;
+ if (size)
+ {
+ table->entries = (FontEntryPtr) xalloc(sizeof(FontEntryRec) * size);
+--- vnc_unixsrc/Xvnc/lib/font/bitmap/bdfread.c.cve-2007-1351-1352 2000-06-11 06:00:52.000000000 -0600
++++ vnc_unixsrc/Xvnc/lib/font/bitmap/bdfread.c 2007-03-28 16:06:06.000000000 -0600
+@@ -59,6 +59,12 @@ from the X Consortium.
+ #include "bitmap.h"
+ #include "bdfint.h"
+
++#if HAVE_STDINT_H
++#include <stdint.h>
++#elif !defined(INT32_MAX)
++#define INT32_MAX 0x7fffffff
++#endif
++
+ #define INDICES 256
+ #define MAXENCODING 0xFFFF
+ #define BDFLINELEN 1024
+@@ -271,6 +277,11 @@ bdfReadCharacters(file, pFont, pState, b
+ bdfError("invalid number of CHARS in BDF file\n");
+ return (FALSE);
+ }
++ if (nchars > INT32_MAX / sizeof(CharInfoRec)) {
++ bdfError("Couldn't allocate pCI (%d*%d)\n", nchars,
++ sizeof(CharInfoRec));
++ goto BAILOUT;
++ }
+ ci = (CharInfoPtr) xalloc(nchars * sizeof(CharInfoRec));
+ if (!ci) {
+ bdfError("Couldn't allocate pCI (%d*%d)\n", nchars,
diff --git a/net-misc/tightvnc/tightvnc-1.2.9-r4.ebuild b/net-misc/tightvnc/tightvnc-1.2.9-r4.ebuild
new file mode 100644
index 000000000000..395e7828b3f3
--- /dev/null
+++ b/net-misc/tightvnc/tightvnc-1.2.9-r4.ebuild
@@ -0,0 +1,112 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/tightvnc/tightvnc-1.2.9-r4.ebuild,v 1.1 2007/04/11 20:54:38 armin76 Exp $
+
+inherit eutils toolchain-funcs
+
+IUSE="java tcpd server"
+
+S="${WORKDIR}/vnc_unixsrc"
+DESCRIPTION="A great client/server software package allowing remote network access to graphical desktops."
+SRC_URI="mirror://sourceforge/vnc-tight/${P}_unixsrc.tar.bz2"
+HOMEPAGE="http://www.tightvnc.com/"
+
+KEYWORDS="~alpha ~amd64 ~ppc ~sparc ~x86"
+LICENSE="GPL-2"
+SLOT="0"
+
+DEPEND="x11-libs/libX11
+ x11-libs/libXaw
+ x11-libs/libXmu
+ x11-libs/libXp
+ x11-libs/libXt
+ x11-proto/xextproto
+ x11-proto/xproto
+ server? (
+ x11-proto/inputproto
+ x11-proto/kbproto
+ x11-proto/printproto
+ )
+ >=x11-misc/imake-1
+ x11-misc/gccmakedep
+ ~media-libs/jpeg-6b
+ tcpd? ( >=sys-apps/tcp-wrappers-7.6-r2 )
+ !net-misc/vnc"
+
+RDEPEND="${DEPEND}
+ server? (
+ media-fonts/font-misc-misc
+ media-fonts/font-cursor-misc
+ x11-apps/rgb
+ x11-apps/xauth
+ x11-apps/xsetroot
+ )
+ java? ( || ( >=virtual/jdk-1.3.1 >=virtual/jre-1.3.1 ) )"
+
+src_unpack() {
+
+ if ! use server;
+ then
+ echo
+ einfo "The 'server' USE flag will build tightvnc's server."
+ einfo "If '-server' is chosen only the client is built to save space."
+ einfo "Stop the build now if you need to add 'server' to USE flags.\n"
+ ebeep
+ epause 5
+ fi
+
+ unpack ${A} && cd ${S}
+ epatch "${FILESDIR}/${P}-gentoo.security.patch"
+ epatch "${FILESDIR}/${P}-imake-tmpdir.patch"
+ [[ "$(gcc-version)" == "3.4" ]] || [[ "$(gcc-major-version)" == "4" ]] && epatch ${FILESDIR}/${P}-gcc34.patch
+ epatch "${FILESDIR}/x86.patch"
+ epatch "${FILESDIR}/${P}-amd64.patch"
+ epatch "${FILESDIR}/${PN}-ppcsparc-server.patch"
+ epatch "${FILESDIR}/${P}-pathfixes.patch" # fixes bug 78385 and 146099
+ epatch "${FILESDIR}"/${P}-server-CVE-2007-1003.patch
+ epatch "${FILESDIR}"/${P}-server-CVE-2007-1351-1352.patch
+}
+
+src_compile() {
+ xmkmf -a || die "xmkmf failed"
+
+ make CDEBUGFLAGS="${CFLAGS}" World || die
+
+ if use server; then
+ cd Xvnc && ./configure || die "Configure failed."
+ if use tcpd; then
+ local myextra="-lwrap"
+ use userland_Darwin || myextra="${myextra} -lnss_nis"
+ make EXTRA_LIBRARIES="${myextra}" \
+ CDEBUGFLAGS="${CFLAGS}" \
+ EXTRA_DEFINES="-DUSE_LIBWRAP=1" || die
+ else
+ make CDEBUGFLAGS="${CFLAGS}" || die
+ fi
+ fi
+
+}
+
+src_install() {
+ # the web based interface and the java viewer need the java class files
+ if use java; then
+ insinto /usr/share/tightvnc/classes
+ doins classes/*
+ fi
+
+ dodir /usr/share/man/man1 /usr/bin
+ ./vncinstall ${D}/usr/bin ${D}/usr/share/man || die "vncinstall failed"
+
+ if ! use server; then
+ rm -f ${D}/usr/bin/vncserver
+ rm -f ${D}/usr/share/man/man1/{Xvnc,vncserver}*
+ fi
+
+ doicon ${FILESDIR}/vncviewer.png
+ make_desktop_entry vncviewer vncviewer vncviewer.png Network
+
+
+ dodoc ChangeLog README WhatsNew
+ use java && dodoc ${FILESDIR}/README.JavaViewer
+ newdoc vncviewer/README README.vncviewer
+}