Use dup() to get available file descriptor when using -inetd option
Resolves: RHEL-21000
This commit is contained in:
parent
da041a367f
commit
c32f5f2f67
17
tigervnc-use-dup-to-get-available-fd-for-inetd.patch
Normal file
17
tigervnc-use-dup-to-get-available-fd-for-inetd.patch
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
diff --git a/unix/xserver/hw/vnc/xvnc.c b/unix/xserver/hw/vnc/xvnc.c
|
||||||
|
index f8141959..c5c36539 100644
|
||||||
|
--- a/unix/xserver/hw/vnc/xvnc.c
|
||||||
|
+++ b/unix/xserver/hw/vnc/xvnc.c
|
||||||
|
@@ -366,8 +366,10 @@ ddxProcessArgument(int argc, char *argv[], int i)
|
||||||
|
if (strcmp(argv[i], "-inetd") == 0) {
|
||||||
|
int nullfd;
|
||||||
|
|
||||||
|
- dup2(0, 3);
|
||||||
|
- vncInetdSock = 3;
|
||||||
|
+ if ((vncInetdSock = dup(0)) == -1)
|
||||||
|
+ FatalError
|
||||||
|
+ ("Xvnc error: failed to allocate a new file descriptor for -inetd: %s\n", strerror(errno));
|
||||||
|
+
|
||||||
|
|
||||||
|
/* Avoid xserver >= 1.19's epoll-fd becoming fd 2 / stderr only to be
|
||||||
|
replaced by /dev/null by OsInit() because the pollfd is not
|
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
Name: tigervnc
|
Name: tigervnc
|
||||||
Version: 1.13.1
|
Version: 1.13.1
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
Summary: A TigerVNC remote display system
|
Summary: A TigerVNC remote display system
|
||||||
|
|
||||||
%global _hardened_build 1
|
%global _hardened_build 1
|
||||||
@ -28,6 +28,7 @@ Patch3: tigervnc-dont-install-appstream-metadata-file.patch
|
|||||||
|
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
Patch50: tigervnc-support-username-alias-in-plainusers.patch
|
||||||
|
Patch51: tigervnc-use-dup-to-get-available-fd-for-inetd.patch
|
||||||
|
|
||||||
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
||||||
Patch100: tigervnc-xserver120.patch
|
Patch100: tigervnc-xserver120.patch
|
||||||
@ -190,6 +191,7 @@ popd
|
|||||||
|
|
||||||
# Upstream patches
|
# Upstream patches
|
||||||
%patch50 -p1 -b .support-username-alias-in-plainusers
|
%patch50 -p1 -b .support-username-alias-in-plainusers
|
||||||
|
%patch51 -p1 -b .use-dup-to-get-available-fd-for-inetd
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%ifarch sparcv9 sparc64 s390 s390x
|
%ifarch sparcv9 sparc64 s390 s390x
|
||||||
@ -344,6 +346,10 @@ fi
|
|||||||
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Jan 08 2024 Jan Grulich <jgrulich@redhat.com> - 1.13.1-6
|
||||||
|
- Use dup() to get available file descriptor when using -inetd option
|
||||||
|
Resolves: RHEL-21000
|
||||||
|
|
||||||
* Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
|
* Mon Dec 18 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.1-5
|
||||||
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
|
- Fix CVE-2023-6377 tigervnc: xorg-x11-server: out-of-bounds memory reads/writes in XKB button actions
|
||||||
Resolves: RHEL-18410
|
Resolves: RHEL-18410
|
||||||
|
Loading…
Reference in New Issue
Block a user