Summary: | net/libvncserver: Update to 0.9.11 (Security fixes) | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | VK <vlad-fbsd> | ||||
Component: | Individual Port(s) | Assignee: | Matthew Seaman <matthew> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Some People | CC: | dutchman01, lantw44, matthew | ||||
Priority: | --- | Keywords: | patch, security | ||||
Version: | Latest | Flags: | vlad-fbsd:
merge-quarterly?
|
||||
Hardware: | Any | ||||||
OS: | Any | ||||||
URL: | https://github.com/LibVNC/libvncserver/releases/tag/LibVNCServer-0.9.11 | ||||||
Bug Depends on: | 215805 | ||||||
Bug Blocks: | |||||||
Attachments: |
|
Description
VK
2017-01-05 18:29:46 UTC
running fine for me This also fixes security vuln https://vuxml.freebsd.org/freebsd/64be967a-d379-11e6-a071-001e67f15f5a.html so MFC indicated. Also, shlib ABI version bump, so PORTREVISION should be incremented in ports that link against this as a default option, which will be some subset of these: graphics/osg-devel graphics/osg emulators/bochs emulators/kcemu emulators/virtualbox-ose net/krdc net/remmina-plugin-vnc net/guacamole-server (In reply to Matthew Seaman from comment #2) s/MFC/MFH/ A commit references this bug: Author: matthew Date: Sat Jan 21 21:47:22 UTC 2017 New revision: 432083 URL: https://svnweb.freebsd.org/changeset/ports/432083 Log: Update to 0.9.11 This includes a security fix for CVE-2016-9941 and CVE-2016-9942 * Drop files/patch-libvncclient_h264.c -- upstream has dropped h264 support * Switch from USE_OPENSSL to USES+=ssl * PORTREVISION bump in ports that link against libvncserver.so (with their default OPTIONS settings) due to change in ABI version of libvncserver.so PR: 215802 Submitted by: vlad-fbsd@acheronmedia.com MFH: 2017Q1 Security: 64be967a-d379-11e6-a071-001e67f15f5a Changes: head/emulators/kcemu/Makefile head/emulators/virtualbox-ose/Makefile head/net/guacamole-server/Makefile head/net/krdc/Makefile head/net/libvncserver/Makefile head/net/libvncserver/distinfo head/net/libvncserver/files/ head/net/libvncserver/pkg-plist head/net/remmina-plugin-vnc/Makefile A commit references this bug: Author: matthew Date: Sun Jan 22 12:02:20 UTC 2017 New revision: 432114 URL: https://svnweb.freebsd.org/changeset/ports/432114 Log: MFH: r432083 r432088 Update to 0.9.11 This includes a security fix for CVE-2016-9941 and CVE-2016-9942 * Drop files/patch-libvncclient_h264.c -- upstream has dropped h264 support * Switch from USE_OPENSSL to USES+=ssl * PORTREVISION bump in ports that link against libvncserver.so (with their default OPTIONS settings) due to change in ABI version of libvncserver.so PR: 215802 Submitted by: vlad-fbsd@acheronmedia.com Security: 64be967a-d379-11e6-a071-001e67f15f5a Bump PORTREVISION chasing ABI version increment in libvncserver -- this port was missed from r432083, and this change should be MFH'd as well. Approved by: ports-secteam (junovitch) Changes: _U branches/2017Q1/ branches/2017Q1/emulators/aqemu/Makefile branches/2017Q1/emulators/kcemu/Makefile branches/2017Q1/emulators/virtualbox-ose/Makefile branches/2017Q1/net/guacamole-server/Makefile branches/2017Q1/net/krdc/Makefile branches/2017Q1/net/libvncserver/Makefile branches/2017Q1/net/libvncserver/distinfo branches/2017Q1/net/libvncserver/files/ branches/2017Q1/net/libvncserver/pkg-plist branches/2017Q1/net/remmina-plugin-vnc/Makefile Committed with minor changes, thanks! |