head 1.2; access; symbols pkgsrc-2013Q2:1.2.0.18 pkgsrc-2013Q2-base:1.2 pkgsrc-2012Q4:1.2.0.16 pkgsrc-2012Q4-base:1.2 pkgsrc-2011Q4:1.2.0.14 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q2:1.2.0.12 pkgsrc-2011Q2-base:1.2 pkgsrc-2009Q4:1.2.0.10 pkgsrc-2009Q4-base:1.2 pkgsrc-2008Q4:1.2.0.8 pkgsrc-2008Q4-base:1.2 pkgsrc-2008Q3:1.2.0.6 pkgsrc-2008Q3-base:1.2 cube-native-xorg:1.2.0.4 cube-native-xorg-base:1.2 pkgsrc-2008Q2:1.2.0.2 pkgsrc-2008Q2-base:1.2 pkgsrc-2008Q1:1.1.0.2; locks; strict; comment @# @; 1.2 date 2008.06.08.16.29.28; author tron; state dead; branches; next 1.1; 1.1 date 2008.05.10.15.28.04; author tonnerre; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2008.05.10.15.28.04; author ghen; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2008.05.11.09.25.19; author ghen; state Exp; branches; next ; desc @@ 1.2 log @Update "rdesktop" package to version 1.6.0. Changes since 1.5.0: * Fix for potential vulnerability against compromised/malicious servers (reported by iDefense) * Fix for crash with recent versions of X.Org * Fix for connection to Windows 2008 Server * ALSA driver added * Sound drivers can now be selected at runtime * Smartcard support (Alexi Volkov ) * Send physical mouse buttons rather than logical ones The security fixes had already been integrated into "pkgsrc" as patches. @ text @$NetBSD: patch-ah,v 1.1 2008/05/10 15:28:04 tonnerre Exp $ --- disk.c.orig 2006-08-07 13:45:43.000000000 +0200 +++ disk.c @@@@ -799,7 +799,7 @@@@ disk_set_information(NTHANDLE handle, ui if (length && (length / 2) < 256) { - rdp_in_unistr(in, newname, length); + rdp_in_unistr(in, newname, sizeof(newname), length); convert_to_unix_filename(newname); } else @ 1.1 log @Add patches required to fix CVE-2008-180[123], taken from rdesktop CVS. 1) An integer underflow error in iso.c when processing RDP requests can be exploited to cause a heap-based buffer overflow. 
2) An input validation error in rdp.c when processing RDP redirect requests can be exploited to cause a BSS-based buffer overflow. 3) A signedness error within "xrealloc()" in rdesktop.c can be exploited to cause a heap-based buffer overflow. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ah was added on branch pkgsrc-2008Q1 on 2008-05-11 09:25:19 +0000 @ text @d1 13 @ 1.1.2.2 log @Pullup ticket 2368 - requested by tonnerre security fix for rdesktop - pkgsrc/net/rdesktop/Makefile 1.34 - pkgsrc/net/rdesktop/distinfo 1.18 - pkgsrc/net/rdesktop/patches/patch-ac 1.5 - pkgsrc/net/rdesktop/patches/patch-ad 1.1 - pkgsrc/net/rdesktop/patches/patch-ae 1.1 - pkgsrc/net/rdesktop/patches/patch-af 1.1 - pkgsrc/net/rdesktop/patches/patch-ag 1.1 - pkgsrc/net/rdesktop/patches/patch-ah 1.1 - pkgsrc/net/rdesktop/patches/patch-ai 1.1 Module Name: pkgsrc Committed By: tonnerre Date: Sat May 10 15:28:04 UTC 2008 Modified Files: pkgsrc/net/rdesktop: Makefile distinfo Added Files: pkgsrc/net/rdesktop/patches: patch-ac patch-ad patch-ae patch-af patch-ag patch-ah patch-ai Log Message: Add patches required to fix CVE-2008-180[123], taken from rdesktop CVS. 1) An integer underflow error in iso.c when processing RDP requests can be exploited to cause a heap-based buffer overflow. 2) An input validation error in rdp.c when processing RDP redirect requests can be exploited to cause a BSS-based buffer overflow. 3) A signedness error within "xrealloc()" in rdesktop.c can be exploited to cause a heap-based buffer overflow. @ text @a0 13 $NetBSD$ --- disk.c.orig 2006-08-07 13:45:43.000000000 +0200 +++ disk.c @@@@ -799,7 +799,7 @@@@ disk_set_information(NTHANDLE handle, ui if (length && (length / 2) < 256) { - rdp_in_unistr(in, newname, length); + rdp_in_unistr(in, newname, sizeof(newname), length); convert_to_unix_filename(newname); } else @
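Review bot: in the disk_set_information hunk of disk.c, the new call `rdp_in_unistr(in, newname, sizeof(newname), length);` gives the right bound only if newname is declared as an array in this function. The declaration is outside the visible context, and if newname is a pointer, sizeof yields the pointer size instead of the buffer size, so it is worth confirming before merging. The guard on the line above, `(length / 2) < 256`, still hard-codes its limit independently of the buffer; expressing it in terms of sizeof(newname) would keep the two from drifting apart. The hunk also does not show what rdp_in_unistr does when length exceeds the size it is now given (truncation, NUL termination). Since convert_to_unix_filename(newname) runs immediately afterwards on the result, a short comment here or a pointer to the companion patch that changes rdp_in_unistr would make the fix reviewable on its own.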