From b0e7b6992f3f845e83cfbca4d700b51dba50b4d5 Mon Sep 17 00:00:00 2001 From: Ludovic Courtès Date: Sun, 12 Jul 2020 22:53:28 +0200 Subject: gnu: Remove ".git" from "https://github/…/….git". MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Until now, 'lookup-origin' and thus 'lookup-origin-revision' in (guix swh) would sometimes return #f for these because the ".git" URLs are redirects to the non-".git" URLs. Consequently, 'guix lint -c archival' would keep saying "scheduled Software Heritage archival"; likewise, the fallback download code would fail. * gnu/packages/ada.scm, gnu/packages/admin.scm, gnu/packages/aidc.scm, gnu/packages/algebra.scm, gnu/packages/android.scm, gnu/packages/animation.scm, gnu/packages/arcan.scm, gnu/packages/assembly.scm, gnu/packages/audio.scm, gnu/packages/authentication.scm, gnu/packages/avr.scm, gnu/packages/axoloti.scm, gnu/packages/backup.scm, gnu/packages/bash.scm, gnu/packages/benchmark.scm, gnu/packages/bioconductor.scm, gnu/packages/bioinformatics.scm, gnu/packages/bittorrent.scm, gnu/packages/boost.scm, gnu/packages/build-tools.scm, gnu/packages/c.scm, gnu/packages/calendar.scm, gnu/packages/cdrom.scm, gnu/packages/check.scm, gnu/packages/chemistry.scm, gnu/packages/chez.scm, gnu/packages/clojure.scm, gnu/packages/code.scm, gnu/packages/compression.scm, gnu/packages/compton.scm, gnu/packages/coq.scm, gnu/packages/cpp.scm, gnu/packages/cran.scm, gnu/packages/crypto.scm, gnu/packages/curl.scm, gnu/packages/databases.scm, gnu/packages/datastructures.scm, gnu/packages/debug.scm, gnu/packages/disk.scm, gnu/packages/distributed.scm, gnu/packages/django.scm, gnu/packages/dlang.scm, gnu/packages/dns.scm, gnu/packages/docker.scm, gnu/packages/education.scm, gnu/packages/efi.scm, gnu/packages/elixir.scm, gnu/packages/emacs-xyz.scm, gnu/packages/embedded.scm, gnu/packages/emulators.scm, gnu/packages/engineering.scm, gnu/packages/erlang.scm, gnu/packages/fabric-management.scm, gnu/packages/file-systems.scm, gnu/packages/finance.scm, gnu/packages/firmware.scm, gnu/packages/flashing-tools.scm, gnu/packages/fonts.scm, gnu/packages/fontutils.scm, gnu/packages/fpga.scm, gnu/packages/game-development.scm, gnu/packages/games.scm, gnu/packages/genealogy.scm, gnu/packages/genimage.scm, gnu/packages/geo.scm, gnu/packages/gimp.scm, gnu/packages/gl.scm, gnu/packages/gnome-xyz.scm, gnu/packages/gnome.scm, gnu/packages/gnuzilla.scm, gnu/packages/golang.scm, gnu/packages/gpodder.scm, gnu/packages/graph.scm, gnu/packages/graphics.scm, gnu/packages/graphviz.scm, gnu/packages/groff.scm, gnu/packages/groovy.scm, gnu/packages/gtk.scm, gnu/packages/guile-xyz.scm, gnu/packages/guile.scm, gnu/packages/hardware.scm, gnu/packages/haskell-apps.scm, gnu/packages/haskell-xyz.scm, gnu/packages/hexedit.scm, gnu/packages/i2p.scm, gnu/packages/ibus.scm, gnu/packages/image-processing.scm, gnu/packages/image-viewers.scm, gnu/packages/image.scm, gnu/packages/ipfs.scm, gnu/packages/java-graphics.scm, gnu/packages/java-maths.scm, gnu/packages/java.scm, gnu/packages/javascript.scm, gnu/packages/jrnl.scm, gnu/packages/julia.scm, gnu/packages/jupyter.scm, gnu/packages/kodi.scm, gnu/packages/language.scm, gnu/packages/lego.scm, gnu/packages/less.scm, gnu/packages/libusb.scm, gnu/packages/linux.scm, gnu/packages/lirc.scm, gnu/packages/lisp-xyz.scm, gnu/packages/llvm.scm, gnu/packages/logging.scm, gnu/packages/lolcode.scm, gnu/packages/lua.scm, gnu/packages/lxde.scm, gnu/packages/lxqt.scm, gnu/packages/machine-learning.scm, gnu/packages/mail.scm, gnu/packages/markup.scm, gnu/packages/maths.scm, gnu/packages/maven.scm, gnu/packages/mes.scm, gnu/packages/messaging.scm, gnu/packages/monitoring.scm, gnu/packages/mpd.scm, gnu/packages/music.scm, gnu/packages/networking.scm, gnu/packages/node-xyz.scm, gnu/packages/ocaml.scm, gnu/packages/ocr.scm, gnu/packages/onc-rpc.scm, gnu/packages/opencl.scm, gnu/packages/opencog.scm, gnu/packages/pantheon.scm, gnu/packages/password-utils.scm, gnu/packages/patchutils.scm, gnu/packages/pdf.scm, gnu/packages/perl6.scm, gnu/packages/phabricator.scm, gnu/packages/popt.scm, gnu/packages/printers.scm, gnu/packages/prolog.scm, gnu/packages/protobuf.scm, gnu/packages/pulseaudio.scm, gnu/packages/python-crypto.scm, gnu/packages/python-web.scm, gnu/packages/python-xyz.scm, gnu/packages/qt.scm, gnu/packages/radio.scm, gnu/packages/rails.scm, gnu/packages/rdf.scm, gnu/packages/rednotebook.scm, gnu/packages/rpc.scm, gnu/packages/rsync.scm, gnu/packages/ruby.scm, gnu/packages/rust.scm, gnu/packages/scheme.scm, gnu/packages/screen.scm, gnu/packages/security-token.scm, gnu/packages/selinux.scm, gnu/packages/serialization.scm, gnu/packages/shells.scm, gnu/packages/shellutils.scm, gnu/packages/simh.scm, gnu/packages/sml.scm, gnu/packages/ssh.scm, gnu/packages/statistics.scm, gnu/packages/stenography.scm, gnu/packages/sync.scm, gnu/packages/syncthing.scm, gnu/packages/synergy.scm, gnu/packages/telephony.scm, gnu/packages/terminals.scm, gnu/packages/tex.scm, gnu/packages/texinfo.scm, gnu/packages/text-editors.scm, gnu/packages/textutils.scm, gnu/packages/time.scm, gnu/packages/tmux.scm, gnu/packages/tor.scm, gnu/packages/toys.scm, gnu/packages/version-control.scm, gnu/packages/video.scm, gnu/packages/vim.scm, gnu/packages/virtualization.scm, gnu/packages/vlang.scm, gnu/packages/vnc.scm, gnu/packages/vpn.scm, gnu/packages/web-browsers.scm, gnu/packages/web.scm, gnu/packages/wireservice.scm, gnu/packages/wm.scm, gnu/packages/wxwidgets.scm, gnu/packages/xdisorg.scm, gnu/packages/xml.scm, gnu/packages/xorg.scm, tests/lint.scm: Remove trailing ".git" from 'git-reference' URL. --- gnu/packages/vnc.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/vnc.scm') diff --git a/gnu/packages/vnc.scm b/gnu/packages/vnc.scm index dcfbe89829..a084b30f59 100644 --- a/gnu/packages/vnc.scm +++ b/gnu/packages/vnc.scm @@ -51,7 +51,7 @@ (method git-fetch) (uri (git-reference - (url "https://github.com/TigerVNC/tigervnc.git") + (url "https://github.com/TigerVNC/tigervnc") (commit commit))) (sha256 (base32 @@ -238,7 +238,7 @@ where the server is installed."))) (origin (method git-fetch) (uri (git-reference - (url "https://github.com/LibVNC/libvncserver.git") + (url "https://github.com/LibVNC/libvncserver") (commit (string-append "LibVNCServer-" version)))) (file-name (git-file-name name version)) (sha256 -- cgit 1.4.1 From 2195ad6bd7df591c1f24b5717203b363bc3e1bfd Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 21 Jul 2020 22:18:50 +0200 Subject: gnu: libvnc: Update to 0.9.13. * gnu/packages/patches/libvnc-CVE-2018-20750.patch, gnu/packages/patches/libvnc-CVE-2019-15681.patch: Delete files. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/vnc.scm (libvnc): Update to 0.9.13. [source](patches): Remove. [arguments]: Add phase to patch 'cc' invocation. --- gnu/local.mk | 2 -- gnu/packages/patches/libvnc-CVE-2018-20750.patch | 44 ------------------------ gnu/packages/patches/libvnc-CVE-2019-15681.patch | 23 ------------- gnu/packages/vnc.scm | 15 +++++--- 4 files changed, 11 insertions(+), 73 deletions(-) delete mode 100644 gnu/packages/patches/libvnc-CVE-2018-20750.patch delete mode 100644 gnu/packages/patches/libvnc-CVE-2019-15681.patch (limited to 'gnu/packages/vnc.scm') diff --git a/gnu/local.mk b/gnu/local.mk index 8ba36acf57..570e6a3b49 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1241,8 +1241,6 @@ dist_patch_DATA = \ %D%/packages/patches/libutils-add-includes.patch \ %D%/packages/patches/libutils-remove-damaging-includes.patch \ %D%/packages/patches/libvdpau-va-gl-unbundle.patch \ - %D%/packages/patches/libvnc-CVE-2018-20750.patch \ - %D%/packages/patches/libvnc-CVE-2019-15681.patch \ %D%/packages/patches/libvpx-CVE-2016-2818.patch \ %D%/packages/patches/libxslt-generated-ids.patch \ %D%/packages/patches/libxt-guix-search-paths.patch \ diff --git a/gnu/packages/patches/libvnc-CVE-2018-20750.patch b/gnu/packages/patches/libvnc-CVE-2018-20750.patch deleted file mode 100644 index 146243670a..0000000000 --- a/gnu/packages/patches/libvnc-CVE-2018-20750.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 09e8fc02f59f16e2583b34fe1a270c238bd9ffec Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Petr=20P=C3=ADsa=C5=99?= -Date: Mon, 7 Jan 2019 10:40:01 +0100 -Subject: [PATCH] Limit lenght to INT_MAX bytes in - rfbProcessFileTransferReadBuffer() - -This ammends 15bb719c03cc70f14c36a843dcb16ed69b405707 fix for a heap -out-of-bound write access in rfbProcessFileTransferReadBuffer() when -reading a transfered file content in a server. The former fix did not -work on platforms with a 32-bit int type (expected by rfbReadExact()). - -CVE-2018-15127 - - ---- - libvncserver/rfbserver.c | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 7af84906..f2edbeea 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -88,6 +88,8 @@ - #include - /* strftime() */ - #include -+/* INT_MAX */ -+#include - - #ifdef LIBVNCSERVER_WITH_WEBSOCKETS - #include "rfbssl.h" -@@ -1472,8 +1474,11 @@ char *rfbProcessFileTransferReadBuffer(rfbClientPtr cl, uint32_t length) - 0XFFFFFFFF, i.e. SIZE_MAX for 32-bit systems. On 64-bit systems, a length of 0XFFFFFFFF - will safely be allocated since this check will never trigger and malloc() can digest length+1 - without problems as length is a uint32_t. -+ We also later pass length to rfbReadExact() that expects a signed int type and -+ that might wrap on platforms with a 32-bit int type if length is bigger -+ than 0X7FFFFFFF. - */ -- if(length == SIZE_MAX) { -+ if(length == SIZE_MAX || length > INT_MAX) { - rfbErr("rfbProcessFileTransferReadBuffer: too big file transfer length requested: %u", (unsigned int)length); - rfbCloseClient(cl); - return NULL; diff --git a/gnu/packages/patches/libvnc-CVE-2019-15681.patch b/gnu/packages/patches/libvnc-CVE-2019-15681.patch deleted file mode 100644 index e328d87920..0000000000 --- a/gnu/packages/patches/libvnc-CVE-2019-15681.patch +++ /dev/null @@ -1,23 +0,0 @@ -From d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a Mon Sep 17 00:00:00 2001 -From: Christian Beier -Date: Mon, 19 Aug 2019 22:32:25 +0200 -Subject: [PATCH] rfbserver: don't leak stack memory to the remote - -Thanks go to Pavel Cheremushkin of Kaspersky for reporting. ---- - libvncserver/rfbserver.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/libvncserver/rfbserver.c b/libvncserver/rfbserver.c -index 3bacc891..310e5487 100644 ---- a/libvncserver/rfbserver.c -+++ b/libvncserver/rfbserver.c -@@ -3724,6 +3724,8 @@ rfbSendServerCutText(rfbScreenInfoPtr rfbScreen,char *str, int len) - rfbServerCutTextMsg sct; - rfbClientIteratorPtr iterator; - -+ memset((char *)&sct, 0, sizeof(sct)); -+ - iterator = rfbGetClientIterator(rfbScreen); - while ((cl = rfbClientIteratorNext(iterator)) != NULL) { - sct.type = rfbServerCutText; diff --git a/gnu/packages/vnc.scm b/gnu/packages/vnc.scm index a084b30f59..ab89bad7aa 100644 --- a/gnu/packages/vnc.scm +++ b/gnu/packages/vnc.scm @@ -2,6 +2,7 @@ ;;; Copyright © 2019 Todor Kondić ;;; Copyright © 2020 Oleg Pykhalov ;;; Copyright © 2020 Hartmut Goebel +;;; Copyright © 2020 Marius Bakke ;;; ;;; This file is part of GNU Guix. ;;; @@ -233,7 +234,7 @@ where the server is installed."))) (define-public libvnc (package (name "libvnc") - (version "0.9.12") + (version "0.9.13") (source (origin (method git-fetch) @@ -242,10 +243,16 @@ where the server is installed."))) (commit (string-append "LibVNCServer-" version)))) (file-name (git-file-name name version)) (sha256 - (base32 "1226hb179l914919f5nm2mlf8rhaarqbf48aa649p4rwmghyx9vm")) - (patches (search-patches "libvnc-CVE-2018-20750.patch" - "libvnc-CVE-2019-15681.patch")))) + (base32 "0zz0hslw8b1p3crnfy3xnmrljik359h83dpk64s697dqdcrzy141")))) (build-system cmake-build-system) + (arguments + '(#:phases (modify-phases %standard-phases + (add-after 'unpack 'patch-cc-reference + (lambda _ + (substitute* "test/includetest.sh" + (("^cc -I") + "gcc -I")) + #t))))) (native-inputs `(("pkg-config" ,pkg-config))) (inputs -- cgit 1.4.1