tigervnc: 1.10.1 -> 1.11.0 (CVE-2020-26117)

ChangeLog: https://github.com/TigerVNC/tigervnc/releases/tag/v1.11.0 Also fixes CVE-2020-26117[1]. [1] https://nvd.nist.gov/vuln/detail/CVE-2020-26117, #100324
2021-01-08 16:48:52 +01:00 · 2021-01-08 16:48:52 +01:00 · c15be8d685
parent f621108dbc
commit c15be8d685
2 changed files with 13 additions and 29 deletions
--- a/pkgs/tools/admin/tigervnc/default.nix
+++ b/pkgs/tools/admin/tigervnc/default.nix
@ -6,40 +6,45 @@
 , libGLU
 , gnutls, pam, nettle
 , xterm, openssh, perl
-, makeWrapper}:
+, makeWrapper
+}:

 with stdenv.lib;

 stdenv.mkDerivation rec {
-  version = "1.10.1";
+  version = "1.11.0";
  pname = "tigervnc";

  src = fetchFromGitHub {
    owner = "TigerVNC";
    repo = "tigervnc";
-    rev = "v1.10.1";
-    sha256 = "001n189d2f3psn7nxgl8188ml6f7jbk26cxn2835y3mnlk5lmhgr";
+    rev = "v${version}";
+    sha256 = "sha256-IX39oEhTyk7NV+9dD9mFtes22fBdMTAVIv5XkqFK560=";
  };

  inherit fontDirectories;

-  patches = [ ./u_xorg-server-1.20.7-ddxInputThreadInit.patch ];
-
  postPatch = ''
-    sed -i -e '/^\$cmd \.= " -pn";/a$cmd .= " -xkbdir ${xkeyboard_config}/etc/X11/xkb";' unix/vncserver
+    sed -i -e '/^\$cmd \.= " -pn";/a$cmd .= " -xkbdir ${xkeyboard_config}/etc/X11/xkb";' unix/vncserver/vncserver.in
    fontPath=
    for i in $fontDirectories; do
      for j in $(find $i -name fonts.dir); do
        addToSearchPathWithCustomDelimiter "," fontPath $(dirname $j)
      done
    done
-    sed -i -e '/^\$cmd \.= " -pn";/a$cmd .= " -fp '"$fontPath"'";' unix/vncserver
+    sed -i -e '/^\$cmd \.= " -pn";/a$cmd .= " -fp '"$fontPath"'";' unix/vncserver/vncserver.in
    substituteInPlace vncviewer/vncviewer.cxx \
       --replace '"/usr/bin/ssh' '"${openssh}/bin/ssh'
  '';

  dontUseCmakeBuildDir = true;

+  cmakeFlags = [
+    "-DCMAKE_INSTALL_PREFIX=${placeholder "out"}"
+    "-DCMAKE_INSTALL_SBINDIR=${placeholder "out"}/bin"
+    "-DCMAKE_INSTALL_LIBEXECDIR=${placeholder "out"}/bin"
+  ];
+
  postBuild = ''
    export NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -Wno-error=int-to-pointer-cast -Wno-error=pointer-to-int-cast"
    export CXXFLAGS="$CXXFLAGS -fpermissive"
--- a/pkgs/tools/admin/tigervnc/u_xorg-server-1.20.7-ddxInputThreadInit.patch
+++ b/pkgs/tools/admin/tigervnc/u_xorg-server-1.20.7-ddxInputThreadInit.patch
@ -1,21 +0,0 @@
-Origin: https://build.opensuse.org/package/view_file/X11:XOrg/tigervnc/u_xorg-server-1.20.7-ddxInputThreadInit.patch
-diff -u -p -r tigervnc-1.10.0.old/unix/xserver/hw/vnc/xvnc.c tigervnc-1.10.0/unix/xserver/hw/vnc/xvnc.c
--- tigervnc-1.10.0.old/unix/xserver/hw/vnc/xvnc.c	2020-01-15 11:19:19.486731848 +0000
-+++ tigervnc-1.10.0/unix/xserver/hw/vnc/xvnc.c	2020-01-15 11:37:33.275445409 +0000
-@@ -295,6 +295,15 @@ void ddxBeforeReset(void)
- }
- #endif
- 
-+#if INPUTTHREAD
-+/** This function is called in Xserver/os/inputthread.c when starting
-+    the input thread. */
-+void
-+ddxInputThreadInit(void)
-+{
-+}
-+#endif
-+
- void ddxUseMsg(void)
- {
-     vncPrintBanner();
-