Accepting request 1118552 from home:dimstar:Factory
- Update to version 0.9.23.1:
+ Security fix: Unchecked access to font glyph info
(CVE-2023-42822).
- Changes from version 0.9.23:
+ General announcement: Running xrdp and xrdp-sesman on separate
hosts is still supported by this release, but is now
deprecated. This is not secure. A future v1.0 release will
replace the TCP socket used between these processes with a Unix
Domain Socket, and then cross-host running will not be
possible.
+ Security fix: Improper handling of session establishment errors
allows bypassing OS-level session restrictions
(CVE-2023-40184).
+ Bug fixes:
- Environment variables set by PAM modules are no longer
restricted to around 250 characters.
- X11 clipboard clients now no longer hang when requesting a
clipboard format which isn't available.
OBS-URL: https://build.opensuse.org/request/show/1118552
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=121
This commit is contained in:
Yifan Jiang
Git OBS Bridge
parent
8222d51000
commit
9c606546e9
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:6dd320cfe9594a2aaa78f90adfe1bb550f9ce3f58bd9fc312dd30d003cb7f3cb
|
|
||||||
size 2059401
|
|
||||||
@ -1,16 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
|
|
||||||
iQIzBAABCAAdFiEEGKuDipBxZ3RZFIcZA5k7QGXnGTsFAmRsEM0ACgkQA5k7QGXn
|
|
||||||
GTvOXA//cvi3R0CMIOtTCb8LYXEeH6+S8c4Mr/FDvvWn/7+lKcDG2T/d5dLkLobn
|
|
||||||
oQjmdnFT/aTlcQau5tlbpRms5zYjT9uAx4CCQ6pQENEbzlq4hB4yQ8ue8b9Up08v
|
|
||||||
4W0JyMZYpq96Hd1VgNOf+MBkLsHbKsCPB8f6GqEWvdMIrRtBTvP4pb+BxLgKxcZ8
|
|
||||||
afWRcjymgVUBRgwzAP2KAiOhFM6aVCUVf0JQ97YxhZWMt2+IWwl0MvJW4otztMC/
|
|
||||||
FgOomfdXnkhUKjdN5GTbG4mwBF4NiLSQirQfdFp+mkpZMTQNoqkahymXbAv9O525
|
|
||||||
mqpItW59MjkonlvpPwX3ZiRBjOezOFhq/tAyKUWJ2FxYG7YRuVM50rrI8bhIQ90N
|
|
||||||
JO2KIwfLcki+wNDNlYYZvUFV6vdjwIOWy26gtsu0sTCSH7BIZ9kezxhfYiY9BBGN
|
|
||||||
6XuCtz6/rbcF89a7pMJoME+obGDlemp7vmhAf5R3pjtXjfj62eIfxefvjt0w1rvU
|
|
||||||
fujowcsgOUWAQ3evMSedrjThdD6fETbNc9nHCtum0SzMcupTZp4bBhDR2eaVv4QF
|
|
||||||
kd+BwG0vE+tiWDs6xeKrxhNS/Ok80B7coFeynuzALQXxVQk69e7mTmZtotkRAwx2
|
|
||||||
+hXaVl+EjuskKFPevrz6TlIzQYNj7qyjhgGbJ4HllUcsJdc7Wa4=
|
|
||||||
=ePiK
|
|
||||||
-----END PGP SIGNATURE-----
|
|
||||||
3
xrdp-0.9.23.1.tar.gz
Normal file
3
xrdp-0.9.23.1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:8fb71f6b90c2769fa0e02032c17e3c7ac70785c724d59fa1e08a9af5b9e7f5ca
|
||||||
|
size 2063776
|
||||||
17
xrdp-0.9.23.1.tar.gz.asc
Normal file
17
xrdp-0.9.23.1.tar.gz.asc
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
-----BEGIN PGP SIGNATURE-----
|
||||||
|
|
||||||
|
iQJCBAABCAAsFiEEGKuDipBxZ3RZFIcZA5k7QGXnGTsFAmUUbdQOHG1ldGFAdm1l
|
||||||
|
dGEuanAACgkQA5k7QGXnGTuVPw/5AfWdTM/iEsLBe30FekSF/4FDT56kw+evMFaI
|
||||||
|
WAf5Nxb08oPIMvpB8jRY7objvCbuKEsAnWqp+yvDuQKbEu1C31YY9afmo0OGABuU
|
||||||
|
NxSgPGueCCWwQJrSHMGGucTwjeHBbeRY4MsCs0WcuLiODCG37bflnQiXwfJIya1Q
|
||||||
|
8ywzJuOF995HoB2uSWaV7edZicIxlZVv/WoB4PJvXPUKmnXTceEgFjZE6XI+ht2S
|
||||||
|
dkftgmu763fUVLL9tDTetHmLLXJYCS/Q+gnsJdT6RUDz7Bpfaj657M56GHXX3dOU
|
||||||
|
uzNzip7xWAbfabwMgq/9dHGHeJPn9trg3IbGUd6+hX5aeUCfssqeP53jOJvmOs3k
|
||||||
|
lvtXWImD7pbO4EQjQ+MP9TLTAMVPQa2vrpdcxw3X6pMRjZjWZLebPHyY0O0MPiPJ
|
||||||
|
tZ0FCRe3VTmYXiFVFF690zoqHX8Ld+ri8kyxSJqE7WEfnJkhVxSZ0UDzXojuAnbY
|
||||||
|
AFo+5kgJF6pFeaAAUgvRnTKIvoRT2H5+/xL2gaFqqKsBPBetP3qjjHUlsueGEA+2
|
||||||
|
8gPGAF4/91EVrGeh95zLNagHqbudVa9RvZGVTdwU3DnRArKkHurFIGwBhi5MDJYJ
|
||||||
|
URY61BFz7nm5yGL2MEn8l/9YsogT6KQxasivEy8vBL5xnLEeKV5rNUK+/Lq0sdU6
|
||||||
|
CXX4CcM=
|
||||||
|
=42Cl
|
||||||
|
-----END PGP SIGNATURE-----
|
||||||
22
xrdp.changes
22
xrdp.changes
@ -1,3 +1,25 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Oct 18 09:23:35 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||||
|
|
||||||
|
- Update to version 0.9.23.1:
|
||||||
|
+ Security fix: Unchecked access to font glyph info
|
||||||
|
(CVE-2023-42822).
|
||||||
|
- Changes from version 0.9.23:
|
||||||
|
+ General announcement: Running xrdp and xrdp-sesman on separate
|
||||||
|
hosts is still supported by this release, but is now
|
||||||
|
deprecated. This is not secure. A future v1.0 release will
|
||||||
|
replace the TCP socket used between these processes with a Unix
|
||||||
|
Domain Socket, and then cross-host running will not be
|
||||||
|
possible.
|
||||||
|
+ Security fix: Improper handling of session establishment errors
|
||||||
|
allows bypassing OS-level session restrictions
|
||||||
|
(CVE-2023-40184).
|
||||||
|
+ Bug fixes:
|
||||||
|
- Environment variables set by PAM modules are no longer
|
||||||
|
restricted to around 250 characters.
|
||||||
|
- X11 clipboard clients now no longer hang when requesting a
|
||||||
|
clipboard format which isn't available.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Aug 3 04:01:39 UTC 2023 - Linnaea Lavia <linnaea@lavia.moe>
|
Thu Aug 3 04:01:39 UTC 2023 - Linnaea Lavia <linnaea@lavia.moe>
|
||||||
|
|
||||||
|
|||||||
@ -22,7 +22,7 @@
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
Name: xrdp
|
Name: xrdp
|
||||||
Version: 0.9.22.1
|
Version: 0.9.23.1
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Remote desktop protocol (RDP) server
|
Summary: Remote desktop protocol (RDP) server
|
||||||
License: Apache-2.0 AND GPL-2.0-or-later
|
License: Apache-2.0 AND GPL-2.0-or-later
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user