| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Fixes CVE-2018-7225 - An issue was discovered in LibVNCServer through
0.9.11. rfbProcessClientNormalMessage() in rfbserver.c does not sanitize
msg.cct.length, leading to access to uninitialized and potentially sensitive
data or possibly unspecified other impact (e.g., an integer overflow) via
specially crafted VNC packets.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
We want to use SPDX identifier for license strings as much as possible.
SPDX short identifier for GPLv2/GPLv2+ is GPL-2.0/GPL-2.0+.
This change is done by using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv2\>/GPL-2.0/g'
Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Security related fixes:
- Heap-based buffer overflow in rfbproto.c in LibVNCClient in LibVNCServer
before 0.9.11 (CVE-2016-9941)
- Heap-based buffer overflow in ultra.c in LibVNCClient in LibVNCServer
before 0.9.11 (CVE-2016-9942)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
| |
Fixes:
http://autobuild.buildroot.org/results/469/469d5667f05ca6954805772fcaaa2b33dfdc6167/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
| |
Now that IPv6 is mandatory remove package dependencies and conditionals
for it.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The OpenSSL support of libvncserver already has a dependency on thread
support, but it in fact requires NPTL threading.
Fixes:
http://autobuild.buildroot.org/results/be2/be20dec9ffe7de3adc46a834852b20353d39baff/
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since SourceForge sometimes serves us faulty tarballs, we can tons of
autobuild failures:
http://autobuild.buildroot.org/results/9fb/9fba5bf086a4e7a29e5f7156ec43847db7aacfc4/
http://autobuild.buildroot.org/results/6c8/6c837b244c45ac3b3a887734a371cd6d226cf216/
...
Fix that by adding hash files for all SourceForge-hosted packages (thos
etht did not already have it).
We normally prefer to use hashes published by upstream, but hunting them
all one by one is a tedious task, so those hashes were all locally
computed with a script that searched for SF-hosted packages, downloades
the associated tarball, computed the hash, and stored it in the
corresponding .hash file.
Also, SF publishes sha1 hashes, while I used the stronger sha256, since
sha1 is now considered to be relatively weak.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Peter Korsgaard <jacmet@uclibc.org>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Maxime Hadjinlian <maxime.hadjinlian@gmail.com>
Cc: Richard Braun <rbraun@sceen.net>
Cc: Nathaniel Roach <nroach44@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
TightPNG encoding speeds up HTML5 based VNC clients like noVNC.
libvncserver enables this encoding if both libpng and jpeg libraries
are available.
[Thomas: rewrap Config.in help text.]
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The libvncclient library (part of libvncserver) has optional support
for HW accelerated H264 video playback using libva
However there are currently two problems with it:
1) it only supports libva compiled with X11 support enabled, but it
does not verify that is the case, resulting in compile errors.
2) it only supports the libva 1.0.x API, and not newer
libva versions, like 1.4.x we include with buildroot.
https://github.com/LibVNC/libvncserver/issues/11
Disabling libva support for now.
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
[Thomas:
- add comment about AUTORECONF = YES, noticed by Baruch Siach, and
suggested by Yann E. Morin.
- add dependency on host-pkgconf, since the configure script uses
PKG_CHECK_MODULES.]
Signed-off-by: Floris Bos <bos@je-eigen-domein.nl>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.
Sed command used:
find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
CVE-2014-6051 and
CVE-2014-6052 denial of service and possible code execution via
integer overflow and lack of malloc error handling in
MallocFrameBuffer()
CVE-2014-6053 denial of service via large ClientCutText message.
CVE-2014-6054 denial of service via zero scaling factor.
CVE-2014-6055 denial of service and possible code execution via
stack overflows in File Transfer feature.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes http://autobuild.buildroot.net/results/30e/30e6a879ab6d84df4688c3d29761522f68dad9fc/
fork() is only used in VNCommand.c, so it seems doable to patch the sources
(and send upstream) to make it work on !mmu if people are interested.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
|
|
|
| |
Fixes http://autobuild.buildroot.net/results/c30/c3082693fe0da0c54d4bbf950dd6d74e1395c1d9/
Also pass --without-ssl if that isn't the case, as the configure script
otherwise ends up detecting openssl if built before libvncserver.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
|
| |
Fixes http://autobuild.buildroot.net/results/761/7618028d0781269d2f6f0a14d814da456f207475/
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
|
| |
|
|
|
| |
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
| |
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
| |
Fixes http://autobuild.buildroot.org/results/3b479b8cf751cc0c075ab942b56aad36f79ada71
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
| |
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
|
| |
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
| |
|
|
|
| |
Signed-off-by: Stefan Fröberg <stefan.froberg@petroprogram.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Also remove the redundant $(call ...).
This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
-e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
-e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
|
| |
|
|
| |
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
|
|
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
|
