SECURITY fix for a potential denial of service.

GNOME BZ #641811 #693608 #707905
2013-09-12 12:47:32 +00:00 · 2013-09-12 12:47:32 +00:00 · 873a49a078
commit 873a49a078
parent 54769baeaa
2 changed files with 26 additions and 7 deletions
--- a/x11/gnome/vino/Makefile
+++ b/x11/gnome/vino/Makefile
@ -1,10 +1,10 @@
-# $OpenBSD: Makefile,v 1.55 2013/05/31 15:35:12 ajacoutot Exp $
+# $OpenBSD: Makefile,v 1.56 2013/09/12 12:47:32 ajacoutot Exp $

 COMMENT=		GNOME desktop sharing server

 GNOME_PROJECT=		vino
 GNOME_VERSION=		3.8.1
-REVISION=		0
+REVISION=		1

 CATEGORIES=		net

@ -19,11 +19,11 @@ WANTLIB += atspi avahi-client avahi-common avahi-glib c cairo
 WANTLIB += cairo-gobject dbus-1 dbus-glib-1 expat ffi fontconfig
 WANTLIB += freetype gcrypt gdk-3 gdk_pixbuf-2.0 gio-2.0 glib-2.0
 WANTLIB += gmodule-2.0 gmp gnutls gobject-2.0 gpg-error graphite2
-WANTLIB += gthread-2.0 gtk-3 harfbuzz hogweed
-WANTLIB += jpeg m nettle notify p11-kit pango-1.0 pangocairo-1.0
-WANTLIB += pangoft2-1.0 pcre pixman-1 png pthread pthread-stubs
-WANTLIB += secret-1 soup-2.4 sqlite3 tasn1 telepathy-glib xcb
-WANTLIB += xcb-render xcb-shm xml2 z
+WANTLIB += gthread-2.0 gtk-3 harfbuzz hogweed jpeg m nettle notify
+WANTLIB += p11-kit pango-1.0 pangocairo-1.0 pangoft2-1.0 pcre
+WANTLIB += pixman-1 png pthread pthread-stubs secret-1 soup-2.4
+WANTLIB += sqlite3 tasn1 telepathy-glib xcb xcb-render xcb-shm
+WANTLIB += xml2 z

 MODULES=		devel/dconf \
 			devel/gettext \
--- a/x11/gnome/vino/patches/patch-server_libvncserver_rfbserver_c
+++ b/x11/gnome/vino/patches/patch-server_libvncserver_rfbserver_c
@ -0,0 +1,19 @@
+$OpenBSD: patch-server_libvncserver_rfbserver_c,v 1.2 2013/09/12 12:47:32 ajacoutot Exp $
+
+From 51435d3f946d6d2b99b876b7919b9d41022fc408 Mon Sep 17 00:00:00 2001
+From: David King <dking@redhat.com>
+Date: Wed, 11 Sep 2013 15:08:47 +0000
+Subject: Reject new clients if in the deferred state
+
+--- server/libvncserver/rfbserver.c.orig	Mon Dec 17 23:19:00 2012
+++ server/libvncserver/rfbserver.c	Thu Sep 12 14:35:24 2013
+@@ -387,7 +387,8 @@ rfbProcessClientMessage(rfbClientPtr cl)
+         rfbAuthProcessClientMessage(cl);
+         return;
+     case RFB_AUTH_DEFERRED:
+-	rfbLog("Authentication deferred - ignoring client message\n");
+	rfbLog("Authentication deferred for this client - closing connection\n");
+	rfbCloseClient(cl);
+ 	return;
+     case RFB_INITIALISATION:
+         rfbProcessClientInitMessage(cl);