ports/129894: [patch][vulnerability fix] update vnc port
John E. Hein
jhein at timing.com
Wed Dec 24 01:00:14 UTC 2008
>Number: 129894
>Category: ports
>Synopsis: fix broken vnc port
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 24 01:00:14 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: John Hein
>Release: FreeBSD 7.1-PRERELEASE i386
>Organization:
>Environment:
>Description:
realvnc.com released a new version (in Oct), but the fetch doesn't know
the difference and, despite the port unsuspectingly fetching the latest
4.1.3 version, forces the output filename to vnc-4_1_2-unixsrc.tar.gz
with -o...
/usr/bin/fetch -ApRr -o vnc-4_1_3-unixsrc.tar.gz 'http://www.realvnc.com/cgi-bin/download.cgi?product=free4/src/unix&acceptLicense=1&haveDetails=1&filetype=tar_gz'
Adding '&filever=4.1.2' to the cgi download url would work around this
since the 4.1.2 tarball is still available, but we should update
to 4.1.3.
Only one code change: to bounds check bounds on a decoders array index before
dereferencing in vnc-4_1_3-unixsrc/common/rfb/CMsgReader.cxx ...
+ if (encoding > encodingMax)
+ throw Exception("Unknown rect encoding");
Other than that, there were some minor 'configure' changes
(for instance, to support solaris better it seems) and
some changes to .vcproj (visual studio c ide project files).
For us, the only change should be the one instance
of better bounds checking shown above.
There is a reported vulnerability for 4.1.2 fixed by the
change shown above - supposedly a remote code execution
vulnerability...
http://www.net-security.org/vuln.php?id=6135
>How-To-Repeat:
>Fix:
Update to the latest release 4.1.3 and add 'filever'
to fetch instruction so the inadvertent
broken checksum doesn't happen again.
Index: Makefile
===================================================================
RCS file: /base/FreeBSD-CVS/ports/net/vnc/Makefile,v
retrieving revision 1.61
diff -u -p -r1.61 Makefile
--- Makefile 16 Dec 2008 04:28:21 -0000 1.61
+++ Makefile 24 Dec 2008 00:41:49 -0000
@@ -6,11 +6,11 @@
#
PORTNAME= vnc
-PORTVERSION= 4.1.2
-PORTREVISION= 5
+PORTVERSION= 4.1.3
+PORTREVISION= 0
CATEGORIES= net ipv6
MASTER_SITES= http://www.realvnc.com/:vnc
-DISTNAME= vnc-4_1_2-unixsrc
+DISTNAME= vnc-4_1_3-unixsrc
DISTFILES= ${DISTNAME}${EXTRACT_SUFX}:vnc
DIST_SUBDIR= xc
@@ -20,8 +20,6 @@ COMMENT= Display X and Win32 desktops on
RUN_DEPENDS= xorg-fonts>=7.2:${PORTSDIR}/x11-fonts/xorg-fonts \
xauth:${PORTSDIR}/x11/xauth
-BROKEN= checksum mismatch
-
GNU_CONFIGURE= yes
# The vnc supplied zlib seg. faults if compiled with -O
CONFIGURE_ARGS= --with-installed-zlib
@@ -73,7 +71,7 @@ PLIST_SUB+= SERVER="@comment "
# No direct URL for VNC -- have to pseudo-submit their webform.
pre-fetch:
@${MKDIR} ${DISTDIR}/${DIST_SUBDIR} && cd ${DISTDIR}/${DIST_SUBDIR} && \
- ${FETCH_CMD} -o ${DISTNAME}.tar.gz 'http://www.realvnc.com/cgi-bin/download.cgi?product=free4/src/unix&acceptLicense=1&haveDetails=1&filetype=tar_gz'
+ ${FETCH_CMD} -o ${DISTNAME}.tar.gz 'http://www.realvnc.com/cgi-bin/download.cgi?product=free4/src/unix&acceptLicense=1&haveDetails=1&filetype=tar_gz&filever=4.1.3'
post-extract:
.if !defined(WITHOUT_SERVER)
Index: distinfo
===================================================================
RCS file: /base/FreeBSD-CVS/ports/net/vnc/distinfo,v
retrieving revision 1.19
diff -u -p -r1.19 distinfo
--- distinfo 18 May 2006 16:06:35 -0000 1.19
+++ distinfo 24 Dec 2008 00:20:15 -0000
@@ -1,6 +1,6 @@
-MD5 (xc/vnc-4_1_2-unixsrc.tar.gz) = cf9a6fe8f592286b5e0fdde686504ffb
-SHA256 (xc/vnc-4_1_2-unixsrc.tar.gz) = ed73cd1abf4c4044032929fa2dd023d851f5fe37f88009523d3b08b7d836d542
-SIZE (xc/vnc-4_1_2-unixsrc.tar.gz) = 537713
+MD5 (xc/vnc-4_1_3-unixsrc.tar.gz) = a119f3c75ad2767c0588260e2abe39be
+SHA256 (xc/vnc-4_1_3-unixsrc.tar.gz) = a5897cbeaef74e02f23d43b89905f5a218041292743ed469f45092073c2bc047
+SIZE (xc/vnc-4_1_3-unixsrc.tar.gz) = 550870
MD5 (xc/X430src-1.tgz) = 4f241a4f867363f40efa2b00dca292af
SHA256 (xc/X430src-1.tgz) = 5276b045e154948fce7abba7d686406c65862d90b43b50f2546b33e38378f0d7
SIZE (xc/X430src-1.tgz) = 10993622
>Release-Note:
>Audit-Trail:
>Unformatted:
fix broken vnc port
From: John Hein <jhein>
Reply-To: John Hein <jhein>
Cc: ports at freebsd.org
BCc: jhein
X-send-pr-version: 3.113
X-GNATS-Notify:
More information about the freebsd-ports-bugs
mailing list