johu 14/08/20 16:02:53
Added:
krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch
Log:
Version bump KDE SC 4.14.0
(Portage version: 2.2.12/cvs/Linux x86_64, signed Manifest commit with key
0xF3CFD2BD)
Revision Changes Path
1.1
kde-base/krfb/files/krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch
file :
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-base/krfb/files/krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch?rev=1.1&view=markup
plain:
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/kde-base/krfb/files/krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch?rev=1.1&content-type=text/plain
Index: krfb-4.14.0-CVE-2014-4607-unbundle-libvncserver.patch
===================================================================
>From 766fc7694a58b7e01c003356db94276f07b791b5 Mon Sep 17 00:00:00 2001
From: Johannes Huber <j...@gentoo.org>
Date: Thu, 31 Jul 2014 19:41:01 +0200
Subject: [PATCH] CVE-2014-4607: Unbundle libvncserver
http://seclists.org/oss-sec/2014/q2/676
REVIEW: 119548
---
CMakeLists.txt | 7 +++---
cmake/modules/FindLibVNCServer.cmake | 41 ++++++++++++++++++++++++++++++++++++
krfb/CMakeLists.txt | 2 ++
krfb/rfb.h | 2 +-
4 files changed, 47 insertions(+), 5 deletions(-)
create mode 100644 cmake/modules/FindLibVNCServer.cmake
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 4aa24dd..0b29da0 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -32,6 +32,8 @@ set(CMAKE_MODULE_PATH
${CMAKE_MODULE_PATH}
)
+find_package(LibVNCServer REQUIRED)
+
macro_optional_find_package(TelepathyQt4)
macro_log_feature(TelepathyQt4_FOUND "telepathy-qt" "Telepathy Qt Bindings"
"http://telepathy.freedesktop.org"; FALSE "0.9" "Needed to build Telepathy Tubes
support.")
@@ -44,8 +46,6 @@ macro_bool_to_01(X11_XShm_FOUND HAVE_XSHM)
include_directories ("${CMAKE_CURRENT_BINARY_DIR}/krfb"
"${CMAKE_CURRENT_SOURCE_DIR}/krfb"
"${CMAKE_CURRENT_SOURCE_DIR}/krfb/ui"
- "${CMAKE_CURRENT_SOURCE_DIR}/libvncserver/"
- "${CMAKE_CURRENT_BINARY_DIR}/libvncserver/"
)
if(Q_WS_X11)
@@ -54,9 +54,8 @@ if(Q_WS_X11)
endif(NOT X11_XTest_FOUND)
endif(Q_WS_X11)
-add_subdirectory(libvncserver)
add_subdirectory(krfb)
-add_subdirectory (framebuffers)
+add_subdirectory(framebuffers)
add_subdirectory(doc)
if (NOT INSIDE_KDENETWORK)
diff --git a/cmake/modules/FindLibVNCServer.cmake
b/cmake/modules/FindLibVNCServer.cmake
new file mode 100644
index 0000000..5927ab2
--- /dev/null
+++ b/cmake/modules/FindLibVNCServer.cmake
@@ -0,0 +1,41 @@
+# cmake macro to test LIBVNCSERVER LIB
+
+# Copyright (c) 2006, Alessandro Praduroux <pr...@pradu.it>
+# Copyright (c) 2007, Urs Wolfer <uwolfer @ kde.org>
+#
+# Redistribution and use is allowed according to the terms of the BSD license.
+# For details see the accompanying COPYING-CMAKE-SCRIPTS file.
+
+INCLUDE(CheckPointerMember)
+
+IF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
+ # Already in cache, be silent
+ SET(LIBVNCSERVER_FIND_QUIETLY TRUE)
+ENDIF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
+
+FIND_PATH(LIBVNCSERVER_INCLUDE_DIR rfb/rfb.h)
+
+FIND_LIBRARY(LIBVNCSERVER_LIBRARIES NAMES vncserver libvncserver)
+
+# libvncserver and libvncclient are in the same package, so it does
+# not make sense to add a new cmake script for finding libvncclient.
+# instead just find the libvncclient also in this file.
+FIND_PATH(LIBVNCCLIENT_INCLUDE_DIR rfb/rfbclient.h)
+FIND_LIBRARY(LIBVNCCLIENT_LIBRARIES NAMES vncclient libvncclient)
+
+IF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
+ SET(CMAKE_REQUIRED_INCLUDES "${LIBVNCSERVER_INCLUDE_DIR}"
"${CMAKE_REQUIRED_INCLUDES}")
+ CHECK_POINTER_MEMBER(rfbClient* GotXCutText rfb/rfbclient.h
LIBVNCSERVER_FOUND)
+ENDIF (LIBVNCSERVER_INCLUDE_DIR AND LIBVNCSERVER_LIBRARIES)
+
+IF (LIBVNCSERVER_FOUND)
+ IF (NOT LIBVNCSERVER_FIND_QUIETLY)
+ MESSAGE(STATUS "Found LibVNCServer: ${LIBVNCSERVER_LIBRARIES}")
+ ENDIF (NOT LIBVNCSERVER_FIND_QUIETLY)
+ELSE (LIBVNCSERVER_FOUND)
+ IF (LIBVNCSERVER_FIND_REQUIRED)
+ MESSAGE(FATAL_ERROR "Could NOT find acceptable version of LibVNCServer
(version 0.9 or later required).")
+ ENDIF (LIBVNCSERVER_FIND_REQUIRED)
+ENDIF (LIBVNCSERVER_FOUND)
+
+MARK_AS_ADVANCED(LIBVNCSERVER_INCLUDE_DIR LIBVNCSERVER_LIBRARIES)
\ No newline at end of file
diff --git a/krfb/CMakeLists.txt b/krfb/CMakeLists.txt
index a65eea8..100b49b 100644
--- a/krfb/CMakeLists.txt
+++ b/krfb/CMakeLists.txt
@@ -20,6 +20,7 @@ target_link_libraries (krfbprivate
${QT_QTCORE_LIBRARY}
${QT_QTGUI_LIBRARY}
${X11_X11_LIB}
+ ${LIBVNCSERVER_LIBRARIES}
)
set_target_properties (krfbprivate PROPERTIES
@@ -103,6 +104,7 @@ target_link_libraries (krfb
${QT_QTNETWORK_LIBRARY}
${KDE4_KDNSSD_LIBS}
${KDE4_KDEUI_LIBS}
+ ${LIBVNCSERVER_LIBRARIES}
)
if(TelepathyQt4_FOUND)
diff --git a/krfb/rfb.h b/krfb/rfb.h
index 40308a2..fa94eda 100644
--- a/krfb/rfb.h
+++ b/krfb/rfb.h
@@ -6,7 +6,7 @@
#ifndef KRFB_RFB_H
#define KRFB_RFB_H
-#include "../libvncserver/rfb/rfb.h"
+#include "rfb/rfb.h"
#undef TRUE
#undef FALSE
--
2.0.2
