x11vnc: fix CVE-2020-29074
scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user. Fixes: CVE-2020-29074
This commit is contained in:
parent
037d1121a4
commit
1c414c565b
1 changed files with 9 additions and 1 deletions
|
@ -1,4 +1,4 @@
|
|||
{ stdenv, fetchFromGitHub,
|
||||
{ stdenv, fetchFromGitHub, fetchpatch,
|
||||
openssl, zlib, libjpeg, xorg, coreutils, libvncserver,
|
||||
autoreconfHook, pkgconfig }:
|
||||
|
||||
|
@ -13,6 +13,14 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "1g652mmi79pfq4p5p7spaswa164rpzjhc5rn2phy5pm71lm0vib1";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2020-29074.patch";
|
||||
url = "https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a.patch";
|
||||
sha256 = "0hdhp32g2i5m0ihmaxkxhsn3d5f2qasadvwpgxify4xnzabmyb2d";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ autoreconfHook pkgconfig ];
|
||||
|
||||
buildInputs =
|
||||
|
|
Loading…
Reference in a new issue