1.13.0
CVE-2023-0494
This commit is contained in:
Jan Grulich
parent
23abde10fa
commit
c52f97ee5f
@ -1,34 +0,0 @@
|
||||
From 2daf4126882f82b6e392dfbae87205dbdc559c3d Mon Sep 17 00:00:00 2001
|
||||
From: Pierre Ossman <ossman@cendio.se>
|
||||
Date: Thu, 23 Dec 2021 15:58:00 +0100
|
||||
Subject: [PATCH] Fix typo in mirror monitor detection
|
||||
|
||||
Bug introduced in fb561eb but still somehow passed manual testing.
|
||||
Resulted in some stray reads off the end of the stack, which were
|
||||
hopefully harmless.
|
||||
---
|
||||
vncviewer/MonitorIndicesParameter.cxx | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/vncviewer/MonitorIndicesParameter.cxx b/vncviewer/MonitorIndicesParameter.cxx
|
||||
index 5130831cb..4ac74dd1a 100644
|
||||
--- a/vncviewer/MonitorIndicesParameter.cxx
|
||||
+++ b/vncviewer/MonitorIndicesParameter.cxx
|
||||
@@ -211,13 +211,13 @@ std::vector<MonitorIndicesParameter::Monitor> MonitorIndicesParameter::fetchMoni
|
||||
// Only keep a single entry for mirrored screens
|
||||
match = false;
|
||||
for (int j = 0; j < ((int) monitors.size()); j++) {
|
||||
- if (monitors[i].x != monitor.x)
|
||||
+ if (monitors[j].x != monitor.x)
|
||||
continue;
|
||||
- if (monitors[i].y != monitor.y)
|
||||
+ if (monitors[j].y != monitor.y)
|
||||
continue;
|
||||
- if (monitors[i].w != monitor.w)
|
||||
+ if (monitors[j].w != monitor.w)
|
||||
continue;
|
||||
- if (monitors[i].h != monitor.h)
|
||||
+ if (monitors[j].h != monitor.h)
|
||||
continue;
|
||||
|
||||
match = true;
|
||||
@ -1,25 +0,0 @@
|
||||
From faf81b4b238e24fe29eb53f885a25367e212dd7b Mon Sep 17 00:00:00 2001
|
||||
From: Zdenek Pytela <zpytela@redhat.com>
|
||||
Date: Mon, 7 Feb 2022 10:45:41 +0100
|
||||
Subject: [PATCH] SELinux: use /root/.vnc in file context specification
|
||||
|
||||
Instead of HOME_ROOT/.vnc, /root/.vnc should be used
|
||||
for user root's home to specify default file context
|
||||
as HOME_ROOT actually means base for home dirs (usually /home).
|
||||
---
|
||||
unix/vncserver/selinux/vncsession.fc | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/unix/vncserver/selinux/vncsession.fc b/unix/vncserver/selinux/vncsession.fc
|
||||
index 6aaf4b1f4..bc81f8f25 100644
|
||||
--- a/unix/vncserver/selinux/vncsession.fc
|
||||
+++ b/unix/vncserver/selinux/vncsession.fc
|
||||
@@ -18,7 +18,7 @@
|
||||
#
|
||||
|
||||
HOME_DIR/\.vnc(/.*)? gen_context(system_u:object_r:vnc_home_t,s0)
|
||||
-HOME_ROOT/\.vnc(/.*)? gen_context(system_u:object_r:vnc_home_t,s0)
|
||||
+/root/\.vnc(/.*)? gen_context(system_u:object_r:vnc_home_t,s0)
|
||||
|
||||
/usr/sbin/vncsession -- gen_context(system_u:object_r:vnc_session_exec_t,s0)
|
||||
/usr/libexec/vncsession-start -- gen_context(system_u:object_r:vnc_session_exec_t,s0)
|
||||
@ -1,81 +0,0 @@
|
||||
From d2d52704624ce841f4a392fccd82079d87ff13b6 Mon Sep 17 00:00:00 2001
|
||||
From: Jan Grulich <jgrulich@redhat.com>
|
||||
Date: Thu, 11 Nov 2021 13:52:41 +0100
|
||||
Subject: [PATCH] SELinux: restore SELinux context in case of different
|
||||
policies
|
||||
|
||||
---
|
||||
CMakeLists.txt | 13 +++++++++++++
|
||||
unix/vncserver/CMakeLists.txt | 2 +-
|
||||
unix/vncserver/vncsession.c | 16 ++++++++++++++++
|
||||
3 files changed, 30 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/CMakeLists.txt b/CMakeLists.txt
|
||||
index 50247c7da..1708eb3d8 100644
|
||||
--- a/CMakeLists.txt
|
||||
+++ b/CMakeLists.txt
|
||||
@@ -268,6 +268,19 @@ if(UNIX AND NOT APPLE)
|
||||
endif()
|
||||
endif()
|
||||
|
||||
+# Check for SELinux library
|
||||
+if(UNIX AND NOT APPLE)
|
||||
+ check_include_files(selinux/selinux.h HAVE_SELINUX_H)
|
||||
+ if(HAVE_SELINUX_H)
|
||||
+ set(CMAKE_REQUIRED_LIBRARIES -lselinux)
|
||||
+ set(CMAKE_REQUIRED_LIBRARIES)
|
||||
+ set(SELINUX_LIBS selinux)
|
||||
+ add_definitions("-DHAVE_SELINUX")
|
||||
+ else()
|
||||
+ message(WARNING "Could not find SELinux development files")
|
||||
+ endif()
|
||||
+endif()
|
||||
+
|
||||
# Generate config.h and make sure the source finds it
|
||||
configure_file(config.h.in config.h)
|
||||
add_definitions(-DHAVE_CONFIG_H)
|
||||
diff --git a/unix/vncserver/CMakeLists.txt b/unix/vncserver/CMakeLists.txt
|
||||
index f65ccc7db..ae69dc098 100644
|
||||
--- a/unix/vncserver/CMakeLists.txt
|
||||
+++ b/unix/vncserver/CMakeLists.txt
|
||||
@@ -1,5 +1,5 @@
|
||||
add_executable(vncsession vncsession.c)
|
||||
-target_link_libraries(vncsession ${PAM_LIBS})
|
||||
+target_link_libraries(vncsession ${PAM_LIBS} ${SELINUX_LIBS})
|
||||
|
||||
configure_file(vncserver@.service.in vncserver@.service @ONLY)
|
||||
configure_file(vncsession-start.in vncsession-start @ONLY)
|
||||
diff --git a/unix/vncserver/vncsession.c b/unix/vncserver/vncsession.c
|
||||
index 3573e5e9b..f6d2fd59e 100644
|
||||
--- a/unix/vncserver/vncsession.c
|
||||
+++ b/unix/vncserver/vncsession.c
|
||||
@@ -37,6 +37,11 @@
|
||||
#include <sys/types.h>
|
||||
#include <sys/wait.h>
|
||||
|
||||
+#ifdef HAVE_SELINUX
|
||||
+#include <selinux/selinux.h>
|
||||
+#include <selinux/restorecon.h>
|
||||
+#endif
|
||||
+
|
||||
extern char **environ;
|
||||
|
||||
// PAM service name
|
||||
@@ -360,6 +365,17 @@ redir_stdio(const char *homedir, const char *display)
|
||||
syslog(LOG_CRIT, "Failure creating \"%s\": %s", logfile, strerror(errno));
|
||||
_exit(EX_OSERR);
|
||||
}
|
||||
+
|
||||
+#ifdef HAVE_SELINUX
|
||||
+ int result;
|
||||
+ if (selinux_file_context_verify(logfile, 0) == 0) {
|
||||
+ result = selinux_restorecon(logfile, SELINUX_RESTORECON_RECURSE);
|
||||
+
|
||||
+ if (result < 0) {
|
||||
+ syslog(LOG_WARNING, "Failure restoring SELinux context for \"%s\": %s", logfile, strerror(errno));
|
||||
+ }
|
||||
+ }
|
||||
+#endif
|
||||
}
|
||||
|
||||
hostlen = sysconf(_SC_HOST_NAME_MAX);
|
||||
@ -3,8 +3,8 @@
|
||||
%global modulename vncsession
|
||||
|
||||
Name: tigervnc
|
||||
Version: 1.12.0
|
||||
Release: 9%{?dist}
|
||||
Version: 1.13.0
|
||||
Release: 1%{?dist}
|
||||
Summary: A TigerVNC remote display system
|
||||
|
||||
%global _hardened_build 1
|
||||
@ -24,10 +24,7 @@ Source5: vncserver
|
||||
# Downstream patches
|
||||
|
||||
# Upstream patches
|
||||
Patch50: tigervnc-selinux-restore-context-in-case-of-different-policies.patch
|
||||
Patch51: tigervnc-fix-typo-in-mirror-monitor-detection.patch
|
||||
Patch52: tigervnc-root-user-selinux-context.patch
|
||||
Patch53: tigervnc-vncsession-restore-script-systemd-service.patch
|
||||
Patch50: tigervnc-vncsession-restore-script-systemd-service.patch
|
||||
|
||||
# This is tigervnc-%%{version}/unix/xserver116.patch rebased on the latest xorg
|
||||
Patch100: tigervnc-xserver120.patch
|
||||
@ -148,10 +145,7 @@ runs properly under an environment with SELinux enabled.
|
||||
%prep
|
||||
%setup -q
|
||||
|
||||
%patch50 -p1 -b .selinux-restore-context-in-case-of-different-policies
|
||||
%patch51 -p1 -b .fix-typo-in-mirror-monitor-detection
|
||||
%patch52 -p1 -b .root-user-selinux-context
|
||||
%patch53 -p1 -b .vncsession-restore-script-systemd-service
|
||||
%patch50 -p1 -b .vncsession-restore-script-systemd-service
|
||||
|
||||
cp -r /usr/share/xorg-x11-server-source/* unix/xserver
|
||||
pushd unix/xserver
|
||||
@ -291,6 +285,7 @@ fi
|
||||
%{_bindir}/vncviewer
|
||||
%{_datadir}/applications/*
|
||||
%{_mandir}/man1/vncviewer.1*
|
||||
%{_datadir}/metainfo/org.tigervnc.vncviewer.metainfo.xml
|
||||
|
||||
%files server
|
||||
%config(noreplace) %{_sysconfdir}/pam.d/tigervnc
|
||||
@ -334,6 +329,10 @@ fi
|
||||
%ghost %verify(not md5 size mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{modulename}
|
||||
|
||||
%changelog
|
||||
* Tue Feb 07 2023 Jan Grulich <jgrulich@redhat.com> - 1.13.0-1
|
||||
- 1.13.0
|
||||
- CVE-2023-0494
|
||||
|
||||
* Tue Jan 31 2023 Jan Grulich <jgrulich@redhat.com> - 1.12.0-9
|
||||
- migrated to SPDX license
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user