X-Original-To: alpine-aports@lists.alpinelinux.org
Received: from mail-lf0-f67.google.com (mail-lf0-f67.google.com [209.85.215.67])
	by lists.alpinelinux.org (Postfix) with ESMTP id CC10C5C4164
	for <alpine-aports@lists.alpinelinux.org>; Wed, 11 Jan 2017 08:29:42 +0000 (GMT)
Received: by mail-lf0-f67.google.com with SMTP id v186so10705957lfa.2
        for <alpine-aports@lists.alpinelinux.org>; Wed, 11 Jan 2017 00:29:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:to:cc:subject:date:message-id;
        bh=gSjXHCjlgIbF7dzST9hkor+wccxBxYyRI3qohLSxuOc=;
        b=KzQ2dGZ6lPrgAdN8bqnZoJUvh1BUu8ZeuTirleer6PYQ1Y8hF6g+hhFcQo7+fmEXhM
         xWmtVUqecP07M6oQqjYmax8fTwuH7jWigCX/ihaOGkdEiz7+A1vnnsDRr4Rp1p+WVhmM
         Q4COA7m59nxZgvY5F5MuU0CZq54nUaLWnygJN4pxEnvC51rYExJf/YAX3aIZGAAjtBqZ
         uN2oLuO78zdATivPFIswy6hk8lPsEJAGtClEL1Dzji1r15MfNVF3gKR6kszZaAFh+SN3
         AuTHrUA1fFWV9/xT5Jq5Scdn12E8yiw/chuan5Sws+R+kA8J5ucSD5P5XC9pbQq7/7HJ
         Yvjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id;
        bh=gSjXHCjlgIbF7dzST9hkor+wccxBxYyRI3qohLSxuOc=;
        b=rgkVrH2Z+G3R9rutRKc5KFgwG9vq0hcJW3GMMMEv15Tj7h54/5efwKtosiHNJsC9cX
         bI0Q0cISsFBMxrc0LPlmdPBU3oavosSndUiulEcLc1JMQiDuz0vMlBT2ZlMAoedWiHiA
         yOQHNhrenGxExd+cAseZnS5+MMHivo/+PG3pjwpo5+w+/BlkFihVvd1zqg/L671PrP6v
         rPk6KHa/QiV5PhmtOe3xFTGp/VwVXOL+KHGzCzBou9YRprdDRIgOyRhWNQY+TMsKHUSN
         4O/AOQeHYceJj1chlwvFTmNtcKHaZqqTss6Yp3skBJYtxVTie/r/OTQ8sfrnVU6nbyNm
         cIlw==
X-Gm-Message-State: AIkVDXJFIx/KNRLHwN253swiorH6+QGcv3EnZl8ZbL+1rP4iEEyQT1/8p2Q9OXnWy3F72g==
X-Received: by 10.25.18.218 with SMTP id 87mr2459338lfs.128.1484123381733;
        Wed, 11 Jan 2017 00:29:41 -0800 (PST)
Received: from edge.util.wtbts.net ([83.145.235.199])
        by smtp.gmail.com with ESMTPSA id c66sm1120570ljd.44.2017.01.11.00.29.40
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Wed, 11 Jan 2017 00:29:40 -0800 (PST)
From: Sergey Lukin <sergej.lukin@gmail.com>
To: alpine-aports@lists.alpinelinux.org
Cc: Sergey Lukin <sergej.lukin@gmail.com>
Subject: [alpine-aports] [PATCH edge] main/libvncserver: security upgrade to 0.9.11 - fixes #6637
Date: Wed, 11 Jan 2017 08:29:02 +0000
Message-Id: <20170111082902.31185-1-sergej.lukin@gmail.com>
X-Mailer: git-send-email 2.11.0
X-Mailinglist: alpine-aports
Precedence: list
List-Id: Alpine Development <alpine-aports.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-aports+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-aports@lists.alpinelinux.org>
List-Help: <mailto:alpine-aports+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-aports+subscribe@lists.alpinelinux.org?subject=subscribe>

CVE-2016-9941: Heap-based buffer overflow in rfbproto.c
CVE-2016-9942: Heap-based buffer overflow in ultra.c
---
 main/libvncserver/APKBUILD | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/main/libvncserver/APKBUILD b/main/libvncserver/APKBUILD
index c93b52883e..33569e3adb 100644
--- a/main/libvncserver/APKBUILD
+++ b/main/libvncserver/APKBUILD
@@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
 # Contributor: Natanael Copa <ncopa@alpinelinux.org>
 # Maintainer:
 pkgname=libvncserver
-pkgver=0.9.10
-pkgrel=1
+pkgver=0.9.11
+pkgrel=0
 pkgdesc="Library to make writing a vnc server easy"
 url="http://libvncserver.sourceforge.net/"
 arch="all"
@@ -14,14 +15,17 @@ depends_dev="libgcrypt-dev libjpeg-turbo-dev gnutls-dev libpng-dev
 makedepends="$depends_dev autoconf automake libtool"
 install=""
 subpackages="$pkgname-dev"
-source="http://downloads.sf.net/libvncserver/LibVNCServer-$pkgver.tar.gz"
 source="https://github.com/LibVNC/libvncserver/archive/LibVNCServer-$pkgver.tar.gz
 	"
+# secfixes:
+#   0.9.11-r0:
+#     - CVE-2016-9941
+#     - CVE-2016-9942
 
-_builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver
+builddir="$srcdir"/libvncserver-LibVNCServer-$pkgver
 prepare() {
 	local i
-	cd "$_builddir"
+	cd "$builddir"
 	for i in $source; do
 		case $i in
 		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
@@ -31,7 +35,7 @@ prepare() {
 }
 
 build() {
-	cd "$_builddir"
+	cd "$builddir"
 	./configure \
 		--build=$CBUILD \
 		--host=$CHOST \
@@ -42,10 +46,10 @@ build() {
 }
 
 package() {
-	cd "$_builddir"
+	cd "$builddir"
 	make install DESTDIR="$pkgdir" || return 1
 }
 
-md5sums="e1b888fae717b06896f8aec100163d27  LibVNCServer-0.9.10.tar.gz"
-sha256sums="ed10819a5bfbf269969f97f075939cc38273cc1b6d28bccfb0999fba489411f7  LibVNCServer-0.9.10.tar.gz"
-sha512sums="eb637dfb72dc50fb713a715c9d0cc8824a6871527c2edb497e70c92e2e708021fbd5d8134f2dee6a9e90d1c8fd3fee53c5f5ece790c2804e938011a980ffceae  LibVNCServer-0.9.10.tar.gz"
+md5sums="7f06104d5c009813e95142932c4ddb06  LibVNCServer-0.9.11.tar.gz"
+sha256sums="193d630372722a532136fd25c5326b2ca1a636cbb8bf9bb115ef869c804d2894  LibVNCServer-0.9.11.tar.gz"
+sha512sums="e473c081b68dd3cdd96a1756b4f4945ece79d3c8e4cef62140be1699671555fc16d3080e81d764197a14ea83203ffcd0e18c3cc182e012d036e3faae943003fb  LibVNCServer-0.9.11.tar.gz"
-- 
2.11.0



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---