summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlexander Tsoy <alexander@tsoy.me>2020-06-29 10:52:36 +0300
committerAaron Bauman <bman@gentoo.org>2020-06-29 13:29:20 -0400
commit3cc06e5fd4889a3fd2d77d6a411efe0f82f37777 (patch)
tree0f119d4890e2eb677c9ceb9550d6e14612f3c63d /net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
parentdev-ruby/asciimath: add missing test dep (diff)
downloadgentoo-3cc06e5fd4889a3fd2d77d6a411efe0f82f37777.tar.gz
gentoo-3cc06e5fd4889a3fd2d77d6a411efe0f82f37777.tar.bz2
gentoo-3cc06e5fd4889a3fd2d77d6a411efe0f82f37777.zip
net-libs/libvncserver: Security cleanup
Bug: https://bugs.gentoo.org/728594 Signed-off-by: Alexander Tsoy <alexander@tsoy.me> Closes: https://github.com/gentoo/gentoo/pull/16483 Signed-off-by: Aaron Bauman <bman@gentoo.org>
Diffstat (limited to 'net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch')
-rw-r--r--net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch26
1 files changed, 0 insertions, 26 deletions
diff --git a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch b/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
deleted file mode 100644
index 301d1340d14c..000000000000
--- a/net-libs/libvncserver/files/libvncserver-0.9.12-CVE-2019-15681.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
-From: Christian Beier <dontmind@freeshell.org>
-Date: Mon, 19 Aug 2019 22:32:25 +0200
-Subject: [PATCH 48/51] rfbserver: don't leak stack memory to the remote
-
-Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
----
- libvncserver/rfbserver.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
-index 3bacc89..310e548 100644
---- a/libvncserver/rfbserver.c
-+++ b/libvncserver/rfbserver.c
-@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
- rfbServerCutTextMsg sct;
- rfbClientIteratorPtr iterator;
-
-+ memset((char *)&sct, 0, sizeof(sct));
-+
- iterator = rfbGetClientIterator(rfbScreen);
- while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
- sct.type = rfbServerCutText;
---
-2.23.0
-