Merge branch 'staging' into core-updates

author: Marius Bakke <[email protected]> 2020-01-23 23:11:11 +0100
committer: Marius Bakke <[email protected]> 2020-01-23 23:11:11 +0100
commit: 12d8adbfc0f32a1905cfc3aaa2cfff68ee46a333 (patch)
tree: 183ae8f3e96ce0ef2961a81d96c27e5e1f2bc36b /gnu/packages/patches/libvnc-CVE-2019-15681.patch
parent: bd0f5f24913b52df29f1f26321ed1095d08877b5 (diff)
parent: db0e9fe42c419c8c8010dbad6080ed66028c03ec (diff)
1 files changed, 23 insertions, 0 deletions
diff --git a/gnu/packages/patches/libvnc-CVE-2019-15681.patch b/gnu/packages/patches/libvnc-CVE-2019-15681.patch
new file mode 100644
index 0000000000..e328d87920
--- /dev/null
+++ b/gnu/packages/patches/libvnc-CVE-2019-15681.patch
@@ -0,0 +1,23 @@
+From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001
+From: Christian Beier <[email protected]>
+Date: Mon, 19 Aug 2019 22:32:25 +0200
+Subject: [PATCH] rfbserver: don't leak stack memory to the remote
+
+Thanks go to Pavel Cheremushkin of Kaspersky for reporting.
+---
+ libvncserver/rfbserver.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c
+index 3bacc891..310e5487 100644
+--- a/libvncserver/rfbserver.c
++++ b/libvncserver/rfbserver.c
+@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len)
+     rfbServerCutTextMsg sct;
+     rfbClientIteratorPtr iterator;
+ 
++    memset((char *)&sct, 0, sizeof(sct));
++
+     iterator = rfbGetClientIterator(rfbScreen);
+     while ((cl = rfbClientIteratorNext(iterator)) != NULL) {
+         sct.type = rfbServerCutText;
author	Marius Bakke <[email protected]>	2020-01-23 23:11:11 +0100
committer	Marius Bakke <[email protected]>	2020-01-23 23:11:11 +0100
commit	12d8adbfc0f32a1905cfc3aaa2cfff68ee46a333 (patch)
tree	183ae8f3e96ce0ef2961a81d96c27e5e1f2bc36b /gnu/packages/patches/libvnc-CVE-2019-15681.patch
parent	bd0f5f24913b52df29f1f26321ed1095d08877b5 (diff)
parent	db0e9fe42c419c8c8010dbad6080ed66028c03ec (diff)