From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1439070-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 4C170158094
	for <garchives@archives.gentoo.org>; Sat, 24 Sep 2022 10:01:49 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 8C6EAE0907;
	Sat, 24 Sep 2022 10:01:48 +0000 (UTC)
Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 7497EE0907
	for <gentoo-commits@lists.gentoo.org>; Sat, 24 Sep 2022 10:01:48 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 6F2AB341101
	for <gentoo-commits@lists.gentoo.org>; Sat, 24 Sep 2022 10:01:47 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id B735C5D4
	for <gentoo-commits@lists.gentoo.org>; Sat, 24 Sep 2022 10:01:45 +0000 (UTC)
From: "Andreas Sturmlechner" <asturm@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Andreas Sturmlechner" <asturm@gentoo.org>
Message-ID: <1664013651.d33d79334f52b44ddc670fa9461105d2cfc64ea9.asturm@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-libs/libvncserver/, net-libs/libvncserver/files/
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
X-VCS-Directories: net-libs/libvncserver/ net-libs/libvncserver/files/
X-VCS-Committer: asturm
X-VCS-Committer-Name: Andreas Sturmlechner
X-VCS-Revision: d33d79334f52b44ddc670fa9461105d2cfc64ea9
X-VCS-Branch: master
Date: Sat, 24 Sep 2022 10:01:45 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 53027645-d078-428d-a192-ee93616653b9
X-Archives-Hash: cced0f42b819f8c103a3e1c38aacd9ad

commit:     d33d79334f52b44ddc670fa9461105d2cfc64ea9
Author:     Alexander Tsoy <alexander <AT> tsoy <DOT> me>
AuthorDate: Thu Sep 22 00:02:29 2022 +0000
Commit:     Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sat Sep 24 10:00:51 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d33d7933

net-libs/libvncserver: fix CVE-2020-29260

Also update EAPI 7 -> 8

Bug: https://bugs.gentoo.org/868135
Signed-off-by: Alexander Tsoy <alexander <AT> tsoy.me>
Closes: https://github.com/gentoo/gentoo/pull/27388
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>

 .../files/libvncserver-0.9.13-CVE-2020-29260.patch | 27 ++++++++
 .../libvncserver/libvncserver-0.9.13-r1.ebuild     | 76 ++++++++++++++++++++++
 2 files changed, 103 insertions(+)

diff --git a/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
new file mode 100644
index 000000000000..23ffed8c1774
--- /dev/null
+++ b/net-libs/libvncserver/files/libvncserver-0.9.13-CVE-2020-29260.patch
@@ -0,0 +1,27 @@
+From bef41f6ec4097a8ee094f90a1b34a708fbd757ec Mon Sep 17 00:00:00 2001
+From: Christian Beier <info@christianbeier.net>
+Date: Sat, 21 Nov 2020 12:52:31 +0100
+Subject: [PATCH] libvncclient: free vncRec memory in rfbClientCleanup()
+
+Otherwise we leak memory. Spotted by Ramin Farajpour Cami
+<ramin.blackhat@gmail.com>, thanks!
+---
+ libvncclient/vncviewer.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncclient/vncviewer.c b/libvncclient/vncviewer.c
+index d6b91f02..0a1bdcf6 100644
+--- a/libvncclient/vncviewer.c
++++ b/libvncclient/vncviewer.c
+@@ -534,6 +534,8 @@ void rfbClientCleanup(rfbClient* client) {
+     client->clientData = next;
+   }
+ 
++  free(client->vncRec);
++
+   if (client->sock != RFB_INVALID_SOCKET)
+     rfbCloseSocket(client->sock);
+   if (client->listenSock != RFB_INVALID_SOCKET)
+-- 
+2.35.1
+

diff --git a/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
new file mode 100644
index 000000000000..2a9d65199e87
--- /dev/null
+++ b/net-libs/libvncserver/libvncserver-0.9.13-r1.ebuild
@@ -0,0 +1,76 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake
+
+MY_P="LibVNCServer-${PV}"
+
+DESCRIPTION="library for creating vnc servers"
+HOMEPAGE="https://libvnc.github.io/"
+SRC_URI="https://github.com/LibVNC/${PN}/archive/${MY_P}.tar.gz"
+S="${WORKDIR}/${PN}-${MY_P}"
+
+# common/d3des.*: https://github.com/LibVNC/libvncserver/issues/88
+LICENSE="GPL-2 GPL-2+ LGPL-2.1+ BSD MIT"
+# no sub slot wanted (yet), see #578958
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86 ~amd64-linux ~x86-linux"
+IUSE="+24bpp +filetransfer gcrypt gnutls ipv6 +jpeg lzo +png sasl ssl systemd +threads +zlib"
+# https://bugs.gentoo.org/690202
+# https://bugs.gentoo.org/435326
+# https://bugs.gentoo.org/550916
+REQUIRED_USE="
+	filetransfer? ( threads )
+	jpeg? ( zlib )
+	png? ( zlib )
+	ssl? ( !gnutls? ( threads ) )
+"
+
+DEPEND="
+	gcrypt? ( >=dev-libs/libgcrypt-1.5.3:0= )
+	ssl? (
+		!gnutls? (
+			>=dev-libs/openssl-1.0.2:0=
+		)
+		gnutls? ( >=net-libs/gnutls-2.12.23-r6:0= )
+	)
+	jpeg? ( media-libs/libjpeg-turbo:= )
+	lzo? ( dev-libs/lzo )
+	png? ( >=media-libs/libpng-1.6.10:0= )
+	sasl? ( dev-libs/cyrus-sasl )
+	systemd? ( sys-apps/systemd:= )
+	zlib? ( >=sys-libs/zlib-1.2.8-r1:0= )
+"
+RDEPEND="${DEPEND}"
+
+DOCS=( AUTHORS ChangeLog NEWS.md README.md TODO.md )
+
+PATCHES=(
+	"${FILESDIR}"/${P}-test-fix-includetest.patch
+	"${FILESDIR}"/${P}-test-fix-tjunittest.patch
+	"${FILESDIR}"/${P}-CVE-2020-29260.patch
+)
+
+src_configure() {
+	local mycmakeargs=(
+		-DWITH_FFMPEG=OFF
+		-DWITH_GTK=OFF
+		-DWITH_SDL=OFF
+		-DWITH_24BPP=$(usex 24bpp ON OFF)
+		-DWITH_TIGHTVNC_FILETRANSFER=$(usex filetransfer ON OFF)
+		-DWITH_GCRYPT=$(usex gcrypt ON OFF)
+		-DWITH_GNUTLS=$(usex gnutls $(usex ssl ON OFF) OFF)
+		-DWITH_IPv6=$(usex ipv6 ON OFF)
+		-DWITH_JPEG=$(usex jpeg ON OFF)
+		-DWITH_LZO=$(usex lzo ON OFF)
+		-DWITH_OPENSSL=$(usex gnutls OFF $(usex ssl ON OFF))
+		-DWITH_PNG=$(usex png ON OFF)
+		-DWITH_SASL=$(usex sasl ON OFF)
+		-DWITH_SYSTEMD=$(usex systemd ON OFF)
+		-DWITH_THREADS=$(usex threads ON OFF)
+		-DWITH_ZLIB=$(usex zlib ON OFF)
+	)
+	cmake_src_configure
+}