pool/xrdp
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1118552 from home:dimstar:Factory

Browse Source 
- Update to version 0.9.23.1:
  + Security fix: Unchecked access to font glyph info
    (CVE-2023-42822).
- Changes from version 0.9.23:
  + General announcement: Running xrdp and xrdp-sesman on separate
    hosts is still supported by this release, but is now
    deprecated. This is not secure. A future v1.0 release will
    replace the TCP socket used between these processes with a Unix
    Domain Socket, and then cross-host running will not be
    possible.
  + Security fix: Improper handling of session establishment errors
    allows bypassing OS-level session restrictions
    (CVE-2023-40184).
  + Bug fixes:
    - Environment variables set by PAM modules are no longer
      restricted to around 250 characters.
    - X11 clipboard clients now no longer hang when requesting a
      clipboard format which isn't available.

OBS-URL: https://build.opensuse.org/request/show/1118552
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=121
This commit is contained in:
Yifan Jiang 2023-11-02 01:36:38 +00:00 committed by Git OBS Bridge
parent 8222d51000
commit 9c606546e9
6 changed files with 43 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
xrdp-0.9.22.1.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:6dd320cfe9594a2aaa78f90adfe1bb550f9ce3f58bd9fc312dd30d003cb7f3cb
size 2059401

16
xrdp-0.9.22.1.tar.gz.asc
View File

@ -1,16 +0,0 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEGKuDipBxZ3RZFIcZA5k7QGXnGTsFAmRsEM0ACgkQA5k7QGXn
GTvOXA//cvi3R0CMIOtTCb8LYXEeH6+S8c4Mr/FDvvWn/7+lKcDG2T/d5dLkLobn
oQjmdnFT/aTlcQau5tlbpRms5zYjT9uAx4CCQ6pQENEbzlq4hB4yQ8ue8b9Up08v
4W0JyMZYpq96Hd1VgNOf+MBkLsHbKsCPB8f6GqEWvdMIrRtBTvP4pb+BxLgKxcZ8
afWRcjymgVUBRgwzAP2KAiOhFM6aVCUVf0JQ97YxhZWMt2+IWwl0MvJW4otztMC/
FgOomfdXnkhUKjdN5GTbG4mwBF4NiLSQirQfdFp+mkpZMTQNoqkahymXbAv9O525
mqpItW59MjkonlvpPwX3ZiRBjOezOFhq/tAyKUWJ2FxYG7YRuVM50rrI8bhIQ90N
JO2KIwfLcki+wNDNlYYZvUFV6vdjwIOWy26gtsu0sTCSH7BIZ9kezxhfYiY9BBGN
6XuCtz6/rbcF89a7pMJoME+obGDlemp7vmhAf5R3pjtXjfj62eIfxefvjt0w1rvU
fujowcsgOUWAQ3evMSedrjThdD6fETbNc9nHCtum0SzMcupTZp4bBhDR2eaVv4QF
kd+BwG0vE+tiWDs6xeKrxhNS/Ok80B7coFeynuzALQXxVQk69e7mTmZtotkRAwx2
+hXaVl+EjuskKFPevrz6TlIzQYNj7qyjhgGbJ4HllUcsJdc7Wa4=
=ePiK
-----END PGP SIGNATURE-----

3
xrdp-0.9.23.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8fb71f6b90c2769fa0e02032c17e3c7ac70785c724d59fa1e08a9af5b9e7f5ca
size 2063776

17
xrdp-0.9.23.1.tar.gz.asc Normal file
View File

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
iQJCBAABCAAsFiEEGKuDipBxZ3RZFIcZA5k7QGXnGTsFAmUUbdQOHG1ldGFAdm1l
dGEuanAACgkQA5k7QGXnGTuVPw/5AfWdTM/iEsLBe30FekSF/4FDT56kw+evMFaI
WAf5Nxb08oPIMvpB8jRY7objvCbuKEsAnWqp+yvDuQKbEu1C31YY9afmo0OGABuU
NxSgPGueCCWwQJrSHMGGucTwjeHBbeRY4MsCs0WcuLiODCG37bflnQiXwfJIya1Q
8ywzJuOF995HoB2uSWaV7edZicIxlZVv/WoB4PJvXPUKmnXTceEgFjZE6XI+ht2S
dkftgmu763fUVLL9tDTetHmLLXJYCS/Q+gnsJdT6RUDz7Bpfaj657M56GHXX3dOU
uzNzip7xWAbfabwMgq/9dHGHeJPn9trg3IbGUd6+hX5aeUCfssqeP53jOJvmOs3k
lvtXWImD7pbO4EQjQ+MP9TLTAMVPQa2vrpdcxw3X6pMRjZjWZLebPHyY0O0MPiPJ
tZ0FCRe3VTmYXiFVFF690zoqHX8Ld+ri8kyxSJqE7WEfnJkhVxSZ0UDzXojuAnbY
AFo+5kgJF6pFeaAAUgvRnTKIvoRT2H5+/xL2gaFqqKsBPBetP3qjjHUlsueGEA+2
8gPGAF4/91EVrGeh95zLNagHqbudVa9RvZGVTdwU3DnRArKkHurFIGwBhi5MDJYJ
URY61BFz7nm5yGL2MEn8l/9YsogT6KQxasivEy8vBL5xnLEeKV5rNUK+/Lq0sdU6
CXX4CcM=
=42Cl
-----END PGP SIGNATURE-----

22
xrdp.changes
View File

@ -1,3 +1,25 @@
-------------------------------------------------------------------
Wed Oct 18 09:23:35 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
- Update to version 0.9.23.1:
+ Security fix: Unchecked access to font glyph info
(CVE-2023-42822).
- Changes from version 0.9.23:
+ General announcement: Running xrdp and xrdp-sesman on separate
hosts is still supported by this release, but is now
deprecated. This is not secure. A future v1.0 release will
replace the TCP socket used between these processes with a Unix
Domain Socket, and then cross-host running will not be
possible.
+ Security fix: Improper handling of session establishment errors
allows bypassing OS-level session restrictions
(CVE-2023-40184).
+ Bug fixes:
- Environment variables set by PAM modules are no longer
restricted to around 250 characters.
- X11 clipboard clients now no longer hang when requesting a
clipboard format which isn't available.
-------------------------------------------------------------------
Thu Aug 3 04:01:39 UTC 2023 - Linnaea Lavia <linnaea@lavia.moe>

2
xrdp.spec
View File

@ -22,7 +22,7 @@
%endif
Name: xrdp
Version: 0.9.22.1
Version: 0.9.23.1
Release: 0
Summary: Remote desktop protocol (RDP) server
License: Apache-2.0 AND GPL-2.0-or-later