diff --git a/0001-Fix-crash-in-krfb.patch b/0001-Fix-crash-in-krfb.patch deleted file mode 100644 index 1847720..0000000 --- a/0001-Fix-crash-in-krfb.patch +++ /dev/null @@ -1,36 +0,0 @@ -From afd1d329ed117f6e4d8c46eba362b7d5c51184ac Mon Sep 17 00:00:00 2001 -From: Amandeep Singh -Date: Wed, 9 Oct 2013 04:12:08 +0530 -Subject: [PATCH 1/2] Fix crash in krfb - -Krfb crashes on quit, if any client is connected -due to a rfbClientConnectionGone call missing ---- - libvncserver/main.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/libvncserver/main.c b/libvncserver/main.c -index 4cb18ac..b8cdde1 100644 ---- a/libvncserver/main.c -+++ b/libvncserver/main.c -@@ -1061,10 +1061,13 @@ void rfbShutdownServer(rfbScreenInfoPtr screen,rfbBool disconnectClients) { - if(disconnectClients) { - rfbClientPtr cl; - rfbClientIteratorPtr iter = rfbGetClientIterator(screen); -- while( (cl = rfbClientIteratorNext(iter)) ) -- if (cl->sock > -1) -- /* we don't care about maxfd here, because the server goes away */ -- rfbCloseClient(cl); -+ while( (cl = rfbClientIteratorNext(iter)) ) { -+ if (cl->sock > -1) { -+ /* we don't care about maxfd here, because the server goes away */ -+ rfbCloseClient(cl); -+ rfbClientConnectionGone(cl); -+ } -+ } - rfbReleaseClientIterator(iter); - } - --- -1.9.3 - diff --git a/0002-allow-rfbInitSockets-with-non-ready-states.patch b/0002-allow-rfbInitSockets-with-non-ready-states.patch deleted file mode 100644 index a9107e2..0000000 --- a/0002-allow-rfbInitSockets-with-non-ready-states.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 012594b970b07c212eaf48ed22333a9d37d017a4 Mon Sep 17 00:00:00 2001 -From: Amandeep Singh -Date: Sat, 28 Sep 2013 17:58:13 +0530 -Subject: [PATCH 2/2] allow rfbInitSockets with non-ready states. - -This allows for reinitializations of e. g. sockets in a SHUTDOWN state. -The only state that doesn't make sense to reinitialize are READY states. ---- - libvncserver/sockets.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/libvncserver/sockets.c b/libvncserver/sockets.c -index ddd8450..d2f814b 100644 ---- a/libvncserver/sockets.c -+++ b/libvncserver/sockets.c -@@ -122,8 +122,9 @@ rfbInitSockets(rfbScreenInfoPtr rfbScreen) - { - in_addr_t iface = rfbScreen->listenInterface; - -- if (rfbScreen->socketState!=RFB_SOCKET_INIT) -- return; -+ if (rfbScreen->socketState == RFB_SOCKET_READY) { -+ return; -+ } - - rfbScreen->socketState = RFB_SOCKET_READY; - --- -1.9.3 - diff --git a/CVE-2014-6051.patch b/CVE-2014-6051.patch deleted file mode 100644 index ee6598c..0000000 --- a/CVE-2014-6051.patch +++ /dev/null @@ -1,42 +0,0 @@ -commit 045a044e8ae79db9244593fbce154cdf6e843273 -Author: newsoft -Date: Fri Aug 15 16:31:13 2014 +0200 - - Fix integer overflow in MallocFrameBuffer() - - Promote integers to uint64_t to avoid integer overflow issue during - frame buffer allocation for very large screen sizes - -diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c -index 3b16a6f..24bc6f8 100644 ---- a/libvncclient/vncviewer.c -+++ b/libvncclient/vncviewer.c -@@ -82,9 +82,27 @@ static char* ReadPassword(rfbClient* client) { - #endif - } - static rfbBool MallocFrameBuffer(rfbClient* client) { -+uint64_t allocSize; -+ - if(client->frameBuffer) - free(client->frameBuffer); -- client->frameBuffer=malloc(client->width*client->height*client->format.bitsPerPixel/8); -+ -+ /* SECURITY: promote 'width' into uint64_t so that the multiplication does not overflow -+ 'width' and 'height' are 16-bit integers per RFB protocol design -+ SIZE_MAX is the maximum value that can fit into size_t -+ */ -+ allocSize = (uint64_t)client->width * client->height * client->format.bitsPerPixel/8; -+ -+ if (allocSize >= SIZE_MAX) { -+ rfbClientErr("CRITICAL: cannot allocate frameBuffer, requested size is too large\n"); -+ return FALSE; -+ } -+ -+ client->frameBuffer=malloc( (size_t)allocSize ); -+ -+ if (client->frameBuffer == NULL) -+ rfbClientErr("CRITICAL: frameBuffer allocation failed, requested size too large or not enough memory?\n"); -+ - return client->frameBuffer?TRUE:FALSE; - } - diff --git a/CVE-2014-6052.patch b/CVE-2014-6052.patch deleted file mode 100644 index 35757f1..0000000 --- a/CVE-2014-6052.patch +++ /dev/null @@ -1,59 +0,0 @@ -commit 85a778c0e45e87e35ee7199f1f25020648e8b812 -Author: newsoft -Date: Fri Aug 15 16:41:58 2014 +0200 - - Check for MallocFrameBuffer() return value - - If MallocFrameBuffer() returns FALSE, frame buffer pointer is left to - NULL. Subsequent writes into that buffer could lead to memory - corruption, or even arbitrary code execution. - -diff --git a/libvncclient/rfbproto.c b/libvncclient/rfbproto.c -index b4d7156..f55c74f 100644 ---- a/libvncclient/rfbproto.c -+++ b/libvncclient/rfbproto.c -@@ -1829,7 +1829,8 @@ HandleRFBServerMessage(rfbClient* client) - client->updateRect.x = client->updateRect.y = 0; - client->updateRect.w = client->width; - client->updateRect.h = client->height; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; - SendFramebufferUpdateRequest(client, 0, 0, rect.r.w, rect.r.h, FALSE); - rfbClientLog("Got new framebuffer size: %dx%d\n", rect.r.w, rect.r.h); - continue; -@@ -2290,7 +2291,9 @@ HandleRFBServerMessage(rfbClient* client) - client->updateRect.x = client->updateRect.y = 0; - client->updateRect.w = client->width; - client->updateRect.h = client->height; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; -+ - SendFramebufferUpdateRequest(client, 0, 0, client->width, client->height, FALSE); - rfbClientLog("Got new framebuffer size: %dx%d\n", client->width, client->height); - break; -@@ -2306,7 +2309,8 @@ HandleRFBServerMessage(rfbClient* client) - client->updateRect.x = client->updateRect.y = 0; - client->updateRect.w = client->width; - client->updateRect.h = client->height; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; - SendFramebufferUpdateRequest(client, 0, 0, client->width, client->height, FALSE); - rfbClientLog("Got new framebuffer size: %dx%d\n", client->width, client->height); - break; -diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c -index 24bc6f8..65b7412 100644 ---- a/libvncclient/vncviewer.c -+++ b/libvncclient/vncviewer.c -@@ -250,7 +250,8 @@ static rfbBool rfbInitConnection(rfbClient* client) - - client->width=client->si.framebufferWidth; - client->height=client->si.framebufferHeight; -- client->MallocFrameBuffer(client); -+ if (!client->MallocFrameBuffer(client)) -+ return FALSE; - - if (!SetFormatAndEncodings(client)) - return FALSE; diff --git a/CVE-2014-6053.patch b/CVE-2014-6053.patch deleted file mode 100644 index 4f59a7b..0000000 --- a/CVE-2014-6053.patch +++ /dev/null @@ -1,22 +0,0 @@ -commit 6037a9074d52b1963c97cb28ea1096c7c14cbf28 -Author: Nicolas Ruff -Date: Mon Aug 18 15:16:16 2014 +0200 - - Check malloc() return value on client->server ClientCutText message. Client can send up to 2**32-1 bytes of text, and such a large allocation is likely to fail in case of high memory pressure. This would in a server crash (write at address 0). - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 5f3b31d..7e43fe3 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -2461,6 +2461,11 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - msg.cct.length = Swap32IfLE(msg.cct.length); - - str = (char *)malloc(msg.cct.length); -+ if (str == NULL) { -+ rfbLogPerror("rfbProcessClientNormalMessage: not enough memory"); -+ rfbCloseClient(cl); -+ return; -+ } - - if ((n = rfbReadExact(cl, str, msg.cct.length)) <= 0) { - if (n != 0) diff --git a/CVE-2014-6054.patch b/CVE-2014-6054.patch deleted file mode 100644 index b8225ac..0000000 --- a/CVE-2014-6054.patch +++ /dev/null @@ -1,38 +0,0 @@ -commit 05a9bd41a8ec0a9d580a8f420f41718bdd235446 -Author: Nicolas Ruff -Date: Mon Aug 18 15:22:48 2014 +0200 - - Do not accept a scaling factor of zero on PalmVNCSetScaleFactor and SetScale client->server messages. This would cause a division by zero and crash the server. - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 7e43fe3..df7d74c 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -2491,6 +2491,13 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - rfbCloseClient(cl); - return; - } -+ -+ if (msg.ssc.scale == 0) { -+ rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); -+ rfbCloseClient(cl); -+ return; -+ } -+ - rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); - rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); - rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); -@@ -2507,6 +2514,13 @@ rfbProcessClientNormalMessage(rfbClientPtr cl) - rfbCloseClient(cl); - return; - } -+ -+ if (msg.ssc.scale == 0) { -+ rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); -+ rfbCloseClient(cl); -+ return; -+ } -+ - rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); - rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); - rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); diff --git a/CVE-2014-6055.patch b/CVE-2014-6055.patch deleted file mode 100644 index bbcfc1c..0000000 --- a/CVE-2014-6055.patch +++ /dev/null @@ -1,165 +0,0 @@ -commit 06ccdf016154fde8eccb5355613ba04c59127b2e -Author: Nicolas Ruff -Date: Mon Sep 1 14:36:26 2014 +0200 - - Fix multiple stack-based buffer overflows in file transfer feature - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index df7d74c..445331a 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -1241,21 +1241,35 @@ typedef struct { - #define RFB_FILE_ATTRIBUTE_TEMPORARY 0x100 - #define RFB_FILE_ATTRIBUTE_COMPRESSED 0x800 - --rfbBool rfbFilenameTranslate2UNIX(rfbClientPtr cl, char *path, char *unixPath) -+rfbBool rfbFilenameTranslate2UNIX(rfbClientPtr cl, /* in */ char *path, /* out */ char *unixPath, size_t unixPathMaxLen ) - { - int x; - char *home=NULL; - - FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN("", cl, FALSE); - -+ /* -+ * Do not use strncpy() - truncating the file name would probably have undesirable side effects -+ * Instead check if destination buffer is big enough -+ */ -+ -+ if (strlen(path) >= unixPathMaxLen) -+ return FALSE; -+ - /* C: */ - if (path[0]=='C' && path[1]==':') -+ { - strcpy(unixPath, &path[2]); -+ } - else - { - home = getenv("HOME"); - if (home!=NULL) - { -+ /* Re-check buffer size */ -+ if ((strlen(path) + strlen(home) + 1) >= unixPathMaxLen) -+ return FALSE; -+ - strcpy(unixPath, home); - strcat(unixPath,"/"); - strcat(unixPath, path); -@@ -1293,7 +1307,8 @@ rfbBool rfbSendDirContent(rfbClientPtr cl, int length, char *buffer) - FILEXFER_ALLOWED_OR_CLOSE_AND_RETURN("", cl, FALSE); - - /* Client thinks we are Winblows */ -- rfbFilenameTranslate2UNIX(cl, buffer, path); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, path, sizeof(path))) -+ return FALSE; - - if (DB) rfbLog("rfbProcessFileTransfer() rfbDirContentRequest: rfbRDirContent: \"%s\"->\"%s\"\n",buffer, path); - -@@ -1570,7 +1585,11 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - /* add some space to the end of the buffer as we will be adding a timespec to it */ - if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; - /* The client requests a File */ -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } - cl->fileTransfer.fd=open(filename1, O_RDONLY, 0744); - - /* -@@ -1685,7 +1704,11 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - } - sizeHtmp = Swap32IfLE(sizeHtmp); - -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } - - /* If the file exists... We can send a rfbFileChecksums back to the client before we send an rfbFileAcceptHeader */ - /* TODO: Delta Transfer */ -@@ -1814,7 +1837,12 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; - switch (contentParam) { - case rfbCDirCreate: /* Client requests the creation of a directory */ -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ - retval = mkdir(filename1, 0755); - if (DB) rfbLog("rfbProcessFileTransfer() rfbCommand: rfbCDirCreate(\"%s\"->\"%s\") %s\n", buffer, filename1, (retval==-1?"Failed":"Success")); - /* -@@ -1823,7 +1851,12 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - if (buffer!=NULL) free(buffer); - return retval; - case rfbCFileDelete: /* Client requests the deletion of a file */ -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ - if (stat(filename1,&statbuf)==0) - { - if (S_ISDIR(statbuf.st_mode)) -@@ -1841,8 +1874,18 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - { - /* Split into 2 filenames ('*' is a seperator) */ - *p = '\0'; -- rfbFilenameTranslate2UNIX(cl, buffer, filename1); -- rfbFilenameTranslate2UNIX(cl, p+1, filename2); -+ if (!rfbFilenameTranslate2UNIX(cl, buffer, filename1, sizeof(filename1))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ -+ if (!rfbFilenameTranslate2UNIX(cl, p+1, filename2, sizeof(filename2))) -+ { -+ if (buffer!=NULL) free(buffer); -+ return FALSE; -+ } -+ - retval = rename(filename1,filename2); - if (DB) rfbLog("rfbProcessFileTransfer() rfbCommand: rfbCFileRename(\"%s\"->\"%s\" -->> \"%s\"->\"%s\") %s\n", buffer, filename1, p+1, filename2, (retval==-1?"Failed":"Success")); - /* - -commit f528072216dec01cee7ca35d94e171a3b909e677 -Author: Nicolas Ruff -Date: Mon Sep 1 14:51:07 2014 +0200 - - Fix stack-based buffer overflow in rfbFileTransferOffer message, FileTime processing - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 445331a..23532b0 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -1683,16 +1683,17 @@ rfbBool rfbProcessFileTransfer(rfbClientPtr cl, uint8_t contentType, uint8_t con - */ - if ((buffer = rfbProcessFileTransferReadBuffer(cl, length))==NULL) return FALSE; - -- /* Parse the FileTime */ -+ /* Parse the FileTime -+ * TODO: FileTime is actually never used afterwards -+ */ - p = strrchr(buffer, ','); - if (p!=NULL) { - *p = '\0'; -- strcpy(szFileTime, p+1); -+ strncpy(szFileTime, p+1, sizeof(szFileTime)); -+ szFileTime[sizeof(szFileTime)-1] = '\x00'; /* ensure NULL terminating byte is present, even if copy overflowed */ - } else - szFileTime[0]=0; - -- -- - /* Need to read in sizeHtmp */ - if ((n = rfbReadExact(cl, (char *)&sizeHtmp, 4)) <= 0) { - if (n != 0) diff --git a/LibVNCServer-0.9.10-no_x11vnc.patch b/LibVNCServer-0.9.10-no_x11vnc.patch deleted file mode 100644 index a0162ee..0000000 --- a/LibVNCServer-0.9.10-no_x11vnc.patch +++ /dev/null @@ -1,25 +0,0 @@ -diff -up LibVNCServer-0.9.10/configure.ac.no_x11vnc LibVNCServer-0.9.10/configure.ac ---- LibVNCServer-0.9.10/configure.ac.no_x11vnc 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/configure.ac 2014-04-29 09:06:27.336448096 -0500 -@@ -1020,7 +1020,7 @@ if test "$build_x11vnc" = "yes"; then - # - # configure.ac:690: required file `x11vnc/Makefile.in' not found - # -- AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) -+ #AC_CONFIG_FILES([x11vnc/Makefile x11vnc/misc/Makefile x11vnc/misc/turbovnc/Makefile]) - - if test ! -z "$with_system_libvncserver" -a "x$with_system_libvncserver" != "xno"; then - # need to move local tarball rfb headers aside: -diff -up LibVNCServer-0.9.10/Makefile.am.no_x11vnc LibVNCServer-0.9.10/Makefile.am ---- LibVNCServer-0.9.10/Makefile.am.no_x11vnc 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/Makefile.am 2014-04-29 09:06:27.337448086 -0500 -@@ -1,6 +1,6 @@ --if WITH_X11VNC --X11VNC=x11vnc --endif -+#if WITH_X11VNC -+#X11VNC=x11vnc -+#endif - - SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test $(X11VNC) - DIST_SUBDIRS=libvncserver examples libvncclient vncterm webclients client_examples test diff --git a/LibVNCServer-0.9.10-system_minilzo.patch b/LibVNCServer-0.9.10-system_minilzo.patch index 34e789b..756e79f 100644 --- a/LibVNCServer-0.9.10-system_minilzo.patch +++ b/LibVNCServer-0.9.10-system_minilzo.patch @@ -1,7 +1,7 @@ -diff -up LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncclient/Makefile.am ---- LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncclient/Makefile.am 2014-04-29 08:56:27.861761880 -0500 -@@ -13,10 +13,10 @@ endif +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/Makefile.am libvncserver-LibVNCServer-0.9.10/libvncclient/Makefile.am +--- libvncserver-LibVNCServer-0.9.10.old/libvncclient/Makefile.am 2015-12-12 00:14:37.269157918 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncclient/Makefile.am 2015-12-12 00:17:43.040435309 +0100 +@@ -13,10 +13,10 @@ endif @@ -15,10 +15,10 @@ diff -up LibVNCServer-0.9.10/libvncclient/Makefile.am.system_minilzo LibVNCServe rfbproto.o: rfbproto.c corre.c hextile.c rre.c tight.c zlib.c zrle.c ultra.c -diff -up LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo LibVNCServer-0.9.10/libvncclient/rfbproto.c ---- LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncclient/rfbproto.c 2014-04-29 08:39:57.638331693 -0500 -@@ -61,7 +61,7 @@ +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncclient/rfbproto.c libvncserver-LibVNCServer-0.9.10/libvncclient/rfbproto.c +--- libvncserver-LibVNCServer-0.9.10.old/libvncclient/rfbproto.c 2015-12-12 00:14:37.269157918 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncclient/rfbproto.c 2015-12-12 00:17:43.041435322 +0100 +@@ -66,7 +66,7 @@ #include #endif @@ -26,11 +26,11 @@ diff -up LibVNCServer-0.9.10/libvncclient/rfbproto.c.system_minilzo LibVNCServer +#include #include "tls.h" - /* -diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServer-0.9.10/libvncserver/Makefile.am ---- LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncserver/Makefile.am 2014-04-29 08:39:57.638331693 -0500 -@@ -37,7 +37,7 @@ include_HEADERS=../rfb/rfb.h ../rfb/rfbc + #ifdef _MSC_VER +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/Makefile.am libvncserver-LibVNCServer-0.9.10/libvncserver/Makefile.am +--- libvncserver-LibVNCServer-0.9.10.old/libvncserver/Makefile.am 2015-12-12 00:14:37.270157930 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/Makefile.am 2015-12-12 00:17:43.042435334 +0100 +@@ -37,7 +37,7 @@ noinst_HEADERS=../common/d3des.h ../rfb/default8x16.h zrleoutstream.h \ zrlepalettehelper.h zrletypes.h private.h scale.h rfbssl.h rfbcrypto.h \ @@ -39,7 +39,7 @@ diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServe $(TIGHTVNCFILETRANSFERHDRS) EXTRA_DIST=tableinit24.c tableinittctemplate.c tabletranstemplate.c \ -@@ -54,11 +54,11 @@ endif +@@ -54,11 +54,11 @@ LIB_SRCS = main.c rfbserver.c rfbregion.c auth.c sockets.c $(WEBSOCKETSSRCS) \ stats.c corre.c hextile.c rre.c translate.c cutpaste.c \ httpd.c cursor.c font.c \ @@ -53,9 +53,9 @@ diff -up LibVNCServer-0.9.10/libvncserver/Makefile.am.system_minilzo LibVNCServe lib_LTLIBRARIES=libvncserver.la -diff -up LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo LibVNCServer-0.9.10/libvncserver/ultra.c ---- LibVNCServer-0.9.10/libvncserver/ultra.c.system_minilzo 2014-04-05 18:38:35.000000000 -0500 -+++ LibVNCServer-0.9.10/libvncserver/ultra.c 2014-04-29 08:39:57.638331693 -0500 +diff -Naur libvncserver-LibVNCServer-0.9.10.old/libvncserver/ultra.c libvncserver-LibVNCServer-0.9.10/libvncserver/ultra.c +--- libvncserver-LibVNCServer-0.9.10.old/libvncserver/ultra.c 2015-12-12 00:14:37.271157942 +0100 ++++ libvncserver-LibVNCServer-0.9.10/libvncserver/ultra.c 2015-12-12 00:17:43.042435334 +0100 @@ -8,7 +8,7 @@ */ diff --git a/LibVNCServer-0.9.9-pkgconfig.patch b/LibVNCServer-0.9.9-pkgconfig.patch deleted file mode 100644 index a0425e6..0000000 --- a/LibVNCServer-0.9.9-pkgconfig.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -up LibVNCServer-0.9.9/libvncclient.pc.in.pkgconfig LibVNCServer-0.9.9/libvncclient.pc.in ---- LibVNCServer-0.9.9/libvncclient.pc.in.pkgconfig 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncclient.pc.in 2013-02-14 10:45:18.902001014 -0600 -@@ -7,6 +7,8 @@ Name: LibVNCClient - Description: A library for easy implementation of a VNC client. - Version: @VERSION@ - Requires: --Libs: -L${libdir} -lvncclient @LIBS@ @WSOCKLIB@ -+Requires.private: zlib -+Libs: -L${libdir} -lvncclient -+Libs.private: @LIBS@ @WSOCKLIB@ - Cflags: -I${includedir} - -diff -up LibVNCServer-0.9.9/libvncserver.pc.in.pkgconfig LibVNCServer-0.9.9/libvncserver.pc.in ---- LibVNCServer-0.9.9/libvncserver.pc.in.pkgconfig 2012-05-04 09:19:00.000000000 -0500 -+++ LibVNCServer-0.9.9/libvncserver.pc.in 2013-02-14 10:44:49.727365748 -0600 -@@ -7,6 +7,8 @@ Name: LibVNCServer - Description: A library for easy implementation of a VNC server. - Version: @VERSION@ - Requires: --Libs: -L${libdir} -lvncserver @LIBS@ @WSOCKLIB@ -+Requires.private: zlib -+Libs: -L${libdir} -lvncserver -+Libs.private: @LIBS@ @WSOCKLIB@ - Cflags: -I${includedir} - diff --git a/libvncserver.spec b/libvncserver.spec index 306eba2..12251dd 100644 --- a/libvncserver.spec +++ b/libvncserver.spec @@ -1,53 +1,21 @@ - -%define git_commit 9453be42014b6b9eaa6ab6f8c2e8b6f4f01d15aa -%define git_short 9453be42 -%define snap 20140718 - -Summary: Library to make writing a vnc server easy +Summary: Library to make writing a VNC server easy Name: libvncserver Version: 0.9.10 -Release: 0.7.%{snap}git%{git_short}%{?dist} +Release: 1%{?dist} # NOTE: --with-tightvnc-filetransfer => GPLv2 License: GPLv2+ -URL: http://libvncserver.sourceforge.net/ -%if 0%{?snap:1} -# git archive --prefix=LibVNCServer-0.9.10/ 646f844f69cc74b8eebf25cc76663b2ee851e5d3 | gzip -9 > LibVNCServer-0.9.10-646f844f.tar.gz -Source0: LibVNCServer-%{version}-%{git_short}.tar.gz -%else -Source0: http://downloads.sf.net/libvncserver/LibVNCServer-%{version}.tar.gz -%endif +URL: http://libvnc.github.io/ +Source0: https://github.com/LibVNC/libvncserver/archive/LibVNCServer-%{version}.tar.gz -# workaround there being no x11vnc/ dir in tarball -Patch0: LibVNCServer-0.9.10-no_x11vnc.patch Patch1: LibVNCServer-0.9.10-system_minilzo.patch Patch2: libvncserver-0.9.1-multilib.patch -# pkgconfig love (upstreamable) -Patch3: LibVNCServer-0.9.9-pkgconfig.patch -# krfb patches, https://github.com/LibVNC/libvncserver/pull/16 -Patch11: 0001-Fix-crash-in-krfb.patch -Patch12: 0002-allow-rfbInitSockets-with-non-ready-states.patch - -## upstream patches - -## security patches -## pulled from (fork): https://github.com/newsoft/libvncserver -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6051 -Patch201: CVE-2014-6051.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6052 -Patch202: CVE-2014-6052.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6053 -Patch203: CVE-2014-6053.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6054 -Patch204: CVE-2014-6054.patch -# https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-6055 -Patch205: CVE-2014-6055.patch # upstream name Obsoletes: LibVNCServer < 0.9.1 Provides: LibVNCServer = %{version}-%{release} -BuildRequires: automake autoconf +BuildRequires: automake autoconf libtool BuildRequires: libgcrypt-devel BuildRequires: libjpeg-devel ## FIXME/TODO: --with-va FTBFS @@ -80,28 +48,18 @@ Requires: %{name}%{?_isa} = %{version}-%{release} # libvncserver-config deps Requires: coreutils # upstream name -#Obsoletes: LibVNCServer-devel < %{version}-%{release} Provides: LibVNCServer-devel = %{version}-%{release} %description devel %{summary}. %prep -%setup -q -n LibVNCServer-%{version} +%setup -q -n %{name}-LibVNCServer-%{version} -%patch0 -p1 -b .no_x11vnc %patch1 -p1 -b .system_minilzo #nuke bundled minilzo rm -fv common/lzodefs.h common/lzoconf.h commmon/minilzo.h common/minilzo.c %patch2 -p1 -b .multilib -%patch3 -p1 -b .pkgconfig -%patch11 -p1 -b .0001 -%patch12 -p1 -b .0002 -%patch201 -p1 -b .CVE-2014-6051 -%patch202 -p1 -b .CVE-2014-6052 -%patch203 -p1 -b .CVE-2014-6053 -%patch204 -p1 -b .CVE-2014-6054 -%patch205 -p1 -b .CVE-2014-6055 # fix encoding for file in AUTHORS ChangeLog ; do @@ -144,11 +102,7 @@ rm -fv %{buildroot}%{_libdir}/lib*.la %check -unset DISPLAY -# Run a fake X session -# rawhide/koji seems to have some some unreproducible errors atm -- rex -# there's also selinux :( https://bugzilla.redhat.com/843603 -xvfb-run -a make -C test test ||: +make -C test test ||: %post -p /sbin/ldconfig @@ -169,6 +123,11 @@ xvfb-run -a make -C test test ||: %changelog +* Fri Dec 11 2015 Simone Caronni - 0.9.10-1 +- Update to official 0.9.10 release. +- Remove upstreamed patches. +- Trim changelog. + * Wed Jun 17 2015 Fedora Release Engineering - 0.9.10-0.7.20140718git9453be42 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild @@ -230,51 +189,3 @@ xvfb-run -a make -C test test ||: * Mon May 07 2012 Rex Dieter 0.9.9-1 - 0.9.9 - -* Wed Apr 18 2012 Petr Pisar 0.9.8.2-4 -- Enable system lzo library on rhel >= 6 (#813764) - -* Fri Jan 13 2012 Fedora Release Engineering - 0.9.8.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - -* Sat Dec 31 2011 Christoph Wickert - 0.9.8.2-2 -- On F15, %%check needs xorg-x11-xauth, too - -* Tue Dec 13 2011 Rex Dieter 0.9.8.2-1 -- 0.9.8.2 (#694975) -- new %%check section (yay for xvfb-run) - -* Tue Feb 08 2011 Fedora Release Engineering - 0.9.7-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Thu Feb 18 2010 Stepan Kasal - 0.9.7-4 -- repack the tarball, there are .jar files without any source -- do not BR findutils, they are guaranteed in Fedora mock -- fix obsolete, so that it covers only packages created before this - spec was added to Fedora - -* Sat Jul 25 2009 Fedora Release Engineering - 0.9.7-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild - -* Sat May 23 2009 Rex Dieter - 0.9.7-3 -- Socket is not closed when disconnecting from server (#501895) - -* Mon May 04 2009 Rex Dieter - 0.9.7-2 -- fix detection of LINUX platform/define - -* Mon May 04 2009 Rex Dieter - 0.9.7-1 -- LibVNCServer-0.9.7 - -* Wed Feb 25 2009 Fedora Release Engineering - 0.9.1-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - -* Thu Apr 10 2008 Manuel Wolfshant 0.9.1-3 -- do not use bundled copy of minilzo (#439979) - -* Sun Jan 27 2008 Rex Dieter 0.9.1-2 -- hack libtool to omit unused shlib dependencies -- fix AUTHORS encoding -- fix src perms - -* Mon Jan 21 2008 Rex Dieter 0.9.1-1 -- 0.9.1