libvncserver: 0.9.11 -> 0.9.12 (#74514)
Vuln roundup #73664 -- unstable channel Version bump from 0.9.11 to 0.9.12 fixes: * CVE-2018-6307 * CVE-2018-15126 * CVE-2018-15127 * CVE-2018-20019 * CVE-2018-20020 * CVE-2018-20021 * CVE-2018-20022 * CVE-2018-20023 * CVE-2018-20024 * CVE-2018-20748 * CVE-2018-20749 Plus add two upstream patches to fix: * CVE-2018-20750 * CVE-2019-15681
This commit is contained in:
parent
d016a507ea
commit
3fb4e09812
@ -1,41 +1,43 @@
|
|||||||
{stdenv, fetchurl, fetchpatch,
|
{ stdenv, fetchzip, fetchpatch, cmake
|
||||||
libtool, libjpeg, openssl, zlib, libgcrypt, autoreconfHook, pkgconfig, libpng,
|
, libjpeg, openssl, zlib, libgcrypt, libpng
|
||||||
systemd
|
, systemd
|
||||||
}:
|
}:
|
||||||
|
|
||||||
let
|
let
|
||||||
s = # Generated upstream information
|
s = # Generated upstream information
|
||||||
rec {
|
rec {
|
||||||
baseName="libvncserver";
|
pname = "libvncserver";
|
||||||
version="0.9.11";
|
version = "0.9.12";
|
||||||
name="${baseName}-${version}";
|
url = "https://github.com/LibVNC/libvncserver/archive/LibVNCServer-${version}.tar.gz";
|
||||||
url="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-${version}.tar.gz";
|
sha256 = "1226hb179l914919f5nm2mlf8rhaarqbf48aa649p4rwmghyx9vm"; # unpacked archive checksum
|
||||||
sha256="15189n09r1pg2nqrpgxqrcvad89cdcrca9gx6qhm6akjf81n6g8r";
|
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
stdenv.mkDerivation {
|
stdenv.mkDerivation {
|
||||||
inherit (s) name version;
|
inherit (s) pname version;
|
||||||
src = fetchurl {
|
src = fetchzip {
|
||||||
inherit (s) url sha256;
|
inherit (s) url sha256;
|
||||||
};
|
};
|
||||||
patches = [
|
patches = [
|
||||||
# CVE-2018-7225. Remove with the next release
|
|
||||||
(fetchpatch {
|
(fetchpatch {
|
||||||
url = https://salsa.debian.org/debian/libvncserver/raw/master/debian/patches/CVE-2018-7225.patch;
|
name = "CVE-2018-20750.patch";
|
||||||
sha256 = "1hj1lzxsrdmzzl061vg0ncdpvfmvvkrpk8q12mp70qvszcqa7ja3";
|
url = "https://github.com/LibVNC/libvncserver/commit/09e8fc02f59f16e2583b34fe1a270c238bd9ffec.patch";
|
||||||
|
sha256 = "004h50786nvjl3y3yazpsi2b767vc9gqrwm1ralj3zgy47kwfhqm";
|
||||||
|
})
|
||||||
|
(fetchpatch {
|
||||||
|
name = "CVE-2019-15681.patch";
|
||||||
|
url = "https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a.patch";
|
||||||
|
sha256 = "0hf0ss7all2m50z2kan4mck51ws44yim4ymn8p0d991y465y6l9s";
|
||||||
})
|
})
|
||||||
];
|
];
|
||||||
preConfigure = ''
|
nativeBuildInputs = [ cmake ];
|
||||||
sed -e 's@/usr/include/linux@${stdenv.cc.libc}/include/linux@g' -i configure
|
|
||||||
'';
|
|
||||||
nativeBuildInputs = [ pkgconfig autoreconfHook ];
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
libtool libjpeg openssl libgcrypt libpng
|
libjpeg openssl libgcrypt libpng
|
||||||
] ++ stdenv.lib.optional stdenv.isLinux systemd;
|
] ++ stdenv.lib.optional stdenv.isLinux systemd;
|
||||||
propagatedBuildInputs = [ zlib ];
|
propagatedBuildInputs = [ zlib ];
|
||||||
meta = {
|
meta = {
|
||||||
inherit (s) version;
|
inherit (s) version;
|
||||||
description = "VNC server library";
|
description = "VNC server library";
|
||||||
|
homepage = "https://libvnc.github.io/";
|
||||||
license = stdenv.lib.licenses.gpl2Plus ;
|
license = stdenv.lib.licenses.gpl2Plus ;
|
||||||
maintainers = [stdenv.lib.maintainers.raskin];
|
maintainers = [stdenv.lib.maintainers.raskin];
|
||||||
platforms = stdenv.lib.platforms.unix;
|
platforms = stdenv.lib.platforms.unix;
|
||||||
|
Loading…
Reference in New Issue
Block a user