Created attachment 178550 [details] Update libvncserver to 0.9.11 The attached patch updates libvncserver to 0.9.11. * Release notes https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11 * Removal of libvncclient/h264.c https://github.com/LibVNC/libvncserver/commit/612de004c47586d74d5a93901a2d94ca1fc3f5e3 Build tests: * Poudriere 11.0, amd64: OK * Poudriere 10.3, amd64: OK I haven't done any run tests. The port apparently has some unit tests but I haven't run them yet, gotta figure out how to do that properly in a clean environment. The port has no maintainer, implicit approval.
running fine for me
This also fixes security vuln https://vuxml.freebsd.org/freebsd/64be967a-d379-11e6-a071-001e67f15f5a.html so MFC indicated. Also, shlib ABI version bump, so PORTREVISION should be incremented in ports that link against this as a default option, which will be some subset of these: graphics/osg-devel graphics/osg emulators/bochs emulators/kcemu emulators/virtualbox-ose net/krdc net/remmina-plugin-vnc net/guacamole-server
(In reply to Matthew Seaman from comment #2) s/MFC/MFH/
A commit references this bug: Author: matthew Date: Sat Jan 21 21:47:22 UTC 2017 New revision: 432083 URL: https://svnweb.freebsd.org/changeset/ports/432083 Log: Update to 0.9.11 This includes a security fix for CVE-2016-9941 and CVE-2016-9942 * Drop files/patch-libvncclient_h264.c -- upstream has dropped h264 support * Switch from USE_OPENSSL to USES+=ssl * PORTREVISION bump in ports that link against libvncserver.so (with their default OPTIONS settings) due to change in ABI version of libvncserver.so PR: 215802 Submitted by: vlad-fbsd@acheronmedia.com MFH: 2017Q1 Security: 64be967a-d379-11e6-a071-001e67f15f5a Changes: head/emulators/kcemu/Makefile head/emulators/virtualbox-ose/Makefile head/net/guacamole-server/Makefile head/net/krdc/Makefile head/net/libvncserver/Makefile head/net/libvncserver/distinfo head/net/libvncserver/files/ head/net/libvncserver/pkg-plist head/net/remmina-plugin-vnc/Makefile
A commit references this bug: Author: matthew Date: Sun Jan 22 12:02:20 UTC 2017 New revision: 432114 URL: https://svnweb.freebsd.org/changeset/ports/432114 Log: MFH: r432083 r432088 Update to 0.9.11 This includes a security fix for CVE-2016-9941 and CVE-2016-9942 * Drop files/patch-libvncclient_h264.c -- upstream has dropped h264 support * Switch from USE_OPENSSL to USES+=ssl * PORTREVISION bump in ports that link against libvncserver.so (with their default OPTIONS settings) due to change in ABI version of libvncserver.so PR: 215802 Submitted by: vlad-fbsd@acheronmedia.com Security: 64be967a-d379-11e6-a071-001e67f15f5a Bump PORTREVISION chasing ABI version increment in libvncserver -- this port was missed from r432083, and this change should be MFH'd as well. Approved by: ports-secteam (junovitch) Changes: _U branches/2017Q1/ branches/2017Q1/emulators/aqemu/Makefile branches/2017Q1/emulators/kcemu/Makefile branches/2017Q1/emulators/virtualbox-ose/Makefile branches/2017Q1/net/guacamole-server/Makefile branches/2017Q1/net/krdc/Makefile branches/2017Q1/net/libvncserver/Makefile branches/2017Q1/net/libvncserver/distinfo branches/2017Q1/net/libvncserver/files/ branches/2017Q1/net/libvncserver/pkg-plist branches/2017Q1/net/remmina-plugin-vnc/Makefile
Committed with minor changes, thanks!