From 1c414c565baeac77a81d781a51e1f3b34de5fc04 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Sat, 28 Nov 2020 15:58:55 +0100
Subject: x11vnc: fix CVE-2020-29074

scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows
access by actors other than the current user.

Fixes: CVE-2020-29074
---
 pkgs/tools/X11/x11vnc/default.nix | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'pkgs/tools/X11/x11vnc')

diff --git a/pkgs/tools/X11/x11vnc/default.nix b/pkgs/tools/X11/x11vnc/default.nix
index 2f7b0d7697e5..5ed827b5a546 100644
--- a/pkgs/tools/X11/x11vnc/default.nix
+++ b/pkgs/tools/X11/x11vnc/default.nix
@@ -1,4 +1,4 @@
-{ stdenv, fetchFromGitHub,
+{ stdenv, fetchFromGitHub, fetchpatch,
   openssl, zlib, libjpeg, xorg, coreutils, libvncserver,
   autoreconfHook, pkgconfig }:
 
@@ -13,6 +13,14 @@ stdenv.mkDerivation rec {
     sha256 = "1g652mmi79pfq4p5p7spaswa164rpzjhc5rn2phy5pm71lm0vib1";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "CVE-2020-29074.patch";
+      url = "https://github.com/LibVNC/x11vnc/commit/69eeb9f7baa14ca03b16c9de821f9876def7a36a.patch";
+      sha256 = "0hdhp32g2i5m0ihmaxkxhsn3d5f2qasadvwpgxify4xnzabmyb2d";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook pkgconfig ];
 
   buildInputs =
-- 
cgit v1.2.3