NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f69f1fc302
kumquat-buildroot/package/libvncserver/libvncserver.mk
Fabrice Fontaine 05bf029c11 package/libvncserver: fix CVE-2019-15681 
LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains a
memory leak (CWE-655) in VNC server code, which allow an attacker to
read stack memory and can be abused for information disclosure. Combined
with another vulnerability, it can be used to leak stack memory and
bypass ASLR. This attack appear to be exploitable via network
connectivity. These vulnerabilities have been fixed in commit
d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-03-03 22:10:16 +01:00

84 lines
2.2 KiB
Makefile
Raw Blame History

################################################################################
#
# libvncserver
#
################################################################################
LIBVNCSERVER_VERSION = 0.9.12
LIBVNCSERVER_SOURCE = LibVNCServer-$(LIBVNCSERVER_VERSION).tar.gz
LIBVNCSERVER_SITE = https://github.com/LibVNC/libvncserver/archive
LIBVNCSERVER_LICENSE = GPL-2.0+
LIBVNCSERVER_LICENSE_FILES = COPYING
LIBVNCSERVER_INSTALL_STAGING = YES
LIBVNCSERVER_DEPENDENCIES = host-pkgconf lzo
LIBVNCSERVER_CONF_OPTS = -DWITH_LZO=ON
# 0003-Limit-lenght-to-INT_MAX-bytes-in-rfbProcessFileTransferReadBuffer.patch
LIBVNCSERVER_IGNORE_CVES += CVE-2018-20750
# 0004-rfbserver-don-t-leak-stack-memory-to-the-remote.patch
LIBVNCSERVER_IGNORE_CVES += CVE-2019-15681
# only used for examples
LIBVNCSERVER_CONF_OPTS += \
-DWITH_FFMPEG=OFF \
-DWITH_SDL=OFF
ifneq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
LIBVNCSERVER_CONF_OPTS += -DWITH_THREADS=ON
else
LIBVNCSERVER_CONF_OPTS += -DWITH_THREADS=OFF
endif
# openssl supports needs NPTL thread support
ifeq ($(BR2_PACKAGE_OPENSSL)$(BR2_TOOLCHAIN_HAS_THREADS_NPTL),yy)
LIBVNCSERVER_CONF_OPTS += -DWITH_OPENSSL=ON
LIBVNCSERVER_DEPENDENCIES += openssl
else
LIBVNCSERVER_CONF_OPTS += -DWITH_OPENSSL=OFF
endif
ifeq ($(BR2_PACKAGE_LIBGCRYPT),y)
LIBVNCSERVER_CONF_OPTS += -DWITH_GCRYPT=ON
LIBVNCSERVER_DEPENDENCIES += libgcrypt
else
LIBVNCSERVER_CONF_OPTS += -DWITH_GCRYPT=OFF
endif
ifeq ($(BR2_PACKAGE_GNUTLS)$(BR2_PACKAGE_LIBGCRYPT),yy)
LIBVNCSERVER_CONF_OPTS += -DWITH_GNUTLS=ON
LIBVNCSERVER_DEPENDENCIES += gnutls
else
LIBVNCSERVER_CONF_OPTS += -DWITH_GNUTLS=OFF
endif
ifeq ($(BR2_PACKAGE_JPEG),y)
LIBVNCSERVER_CONF_OPTS += -DWITH_JPEG=ON
LIBVNCSERVER_DEPENDENCIES += jpeg
else
LIBVNCSERVER_CONF_OPTS += -DWITH_JPEG=OFF
endif
ifeq ($(BR2_PACKAGE_LIBPNG),y)
LIBVNCSERVER_CONF_OPTS += -DWITH_PNG=ON
LIBVNCSERVER_DEPENDENCIES += libpng
else
LIBVNCSERVER_CONF_OPTS += -DWITH_PNG=OFF
endif
ifeq ($(BR2_PACKAGE_SYSTEMD),y)
LIBVNCSERVER_CONF_OPTS += -DWITH_SYSTEMD=ON
LIBVNCSERVER_DEPENDENCIES += systemd
else
LIBVNCSERVER_CONF_OPTS += -DWITH_SYSTEMD=OFF
endif
ifeq ($(BR2_PACKAGE_ZLIB),y)
LIBVNCSERVER_CONF_OPTS += -DWITH_ZLIB=ON
LIBVNCSERVER_DEPENDENCIES += zlib
else
LIBVNCSERVER_CONF_OPTS += -DWITH_ZLIB=OFF
endif
$(eval $(cmake-package))
Reference in New Issue View Git Blame Copy Permalink