- xrdp-CVE-2022-23477.patch (bsc#1206301)
+ Buffer over flow in audin_send_open() function
- Security fixes:
+ xrdp-CVE-2022-23468.patch (bsc#1206300)
* Buffer overflow in xrdp_login_wnd_create()
+ xrdp-CVE-2022-23478.patch (bsc#1206302)
* Out of Bound Write in xrdp_mm_trans_process_drdynvc_chan
+ xrdp-CVE-2022-23479.patch (bsc#1206303)
* Buffer overflow in xrdp_mm_chan_data_in() function
+ xrdp-CVE-2022-23480.patch (bsc#1206306)
* Buffer overflow in devredir_proc_client_devlist_announce_req
+ xrdp-CVE-2022-23481.patch (bsc#1206307)
* Out of Bound Read in xrdp_caps_process_confirm_active()
+ xrdp-CVE-2022-23482.patch (bsc#1206310)
+ Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE()
+ xrdp-CVE-2022-23483.patch (bsc#1206311)
+ Out of Bound REad in libxrdp_send_to_channel()
+ xrdp-CVE-2022-23484.patch (bsc#1206312)
+ Integer Overflow in xrdp_mm_process_rail_update_window_text()
+ xrdp-CVE-2022-23493.patch (bsc#1206313)
+ Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close()
OBS-URL: https://build.opensuse.org/request/show/1057176
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=106
- Update to version 0.9.19
+ New features
- loongarch support
- Improved Fail2ban support
- Both inbound and outbound clipboards can now be restricted for text,
files or images
- Versions 0.13 and later of checklib can undefine the pre-processor
symbol HAVE_STDINT_H
- The OpenSSL 3 EVP interface is now fully supported
- The logging of TLS/non-TLS security negotiation has been improved
- Unified and improved logging
- Status values for the DRDYNVC channel are now available in
libxrdp/xrdp_channel.h
- Backgrounds and logos on the login screen can now be zoomed and scaled
- The performance settings for NeutrinoRDP can be now configured
- clipboard: log file transfer for the purpose of audit
- Client's Keyboard layout now can be overridden by xrdp configuration
for debugging purposes
- On-the-fly resolution change now supported for Xvnc and Xorg
- xrdp can now use key algorithms other than RSA for TLS
- chansrv can now work on DISPLAY=:0 so it can be used with
x11vnc/Vino/etc sessions
+ Bug fixes
- Privilege escalation on xrdp-sesman: CVE-2022-23613
- Some situations where zombie processes could exist have been resolved
- Null-pointer exceptions which can happen in the logging module addressed
- Some minor logging errors have been corrected
- The signal handling in sesman has been reworked to prevent race conditions
when a child exits
- Logging is improved for security protocol level decisions
- Failure to attach to the memory area shared with xorgxrdp now logged
- Remote drive redirection now works if printer redirection is also
requested by the client
- config value has been added which allows copy-pasting of files to work
with Nautilus for GNOME 3 versions >= 3.29.92
- Fix some regressions in sesman auth modules
- Fix TS_PLAY_SOUND_PDU_DATA to set the correct frequency and duration
- Fix password leakage to logs in NeutrinoRDP module
- Remove *.txt as docs because of files not found (improvements in man pages)
OBS-URL: https://build.opensuse.org/request/show/978632
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=98
- Rework files section: do not add config(noreplace) marker on the
directory /etc/xrdp, but only on the content of the directory.
+ the config(noreplace) marker on the dircreates a rpm metadata
marker, which can be identified as conflicting with other
packages also owning /etc/xrdp, without the marker
+ The re-org of the files section happens to also fix warnings
about files listed twice.
The old buildlog contained entries like
```
[ 124s] warning: File listed twice: /etc/xrdp
[ 124s] warning: File listed twice: /etc/xrdp/km-00000406.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-00000407.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-00000409.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-0000040a.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-0000040b.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-0000040c.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-00000410.ini
[ 124s] warning: File listed twice: /etc/xrdp/km-00000411.ini
```
OBS-URL: https://build.opensuse.org/request/show/951614
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=95
- Update to version 0.9.15
+ New features
- Allow token sign in without autologon for SSO (#1667#1668)
- Norwegian keyboard support (#1675)
- Improved config support for chansrv (#1635)
- Unified chansrv, sesman and libxrdp logging (#1633#1708#1738)
- Support SUSE move to /usr/etc (#1702)
- Parameters may now be specified for user-specified shell
(#1270#1695)
- xrdp executables now allow alternative config files to be
specified with -c (#1588#1650#1651)
- sesrun improvements (#1741)
- Drive redirection location can now be specified (#1048)
+ Bug fixes
- Additional buffer overflow checks (#1662)
- genkeymap array size conflict fixed (#1691)
- Buffering issue with neutrinordp over a slow link fixed
(#1608 1634)
- Prevent PAM info message from causing authentication failure
(#1727)
- Try harder to clean up socket files on session exit (#1740#1756)
- xrdp-chansrv become defunct in docker while file copy (#1658)
- Drop xrdp-buildfix.patch: fixed upstream
- Drop xrdp-default-config.patch. Add patched sources xrdp.ini and
sesman.ini to avoid frequent rebases
- Drop xrdp-usr-etc-support.patch: fixed upstream
- Rebase xrdp-avahi.diff
- Rebase xrdp-fate318398-change-expired-password.patch
OBS-URL: https://build.opensuse.org/request/show/860663
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=92
- Update to version 0.9.14
+ New features
- Multi monitor and resize support for Xvnc backend #1343
For more details see
https://github.com/neutrinolabs/xrdp/wiki/Xvnc-backend-:-Multi-monitor-and-resize-support
- Support Programmer Dvorak Keyboard #1663
+ Bug fixes
- Fix odd shift key behavior (workaround) #397#1522
- Fix internal username/password buffer is smaller than RDP
protocol specification #1648#1653
- Fix possible memory out-of-bounds accesses #1549
- Fix memory allocation overflow #1557
- Prevent chansrv input channels being scanned during a server
reset #1595
- Ignore TS_MULTIFRAGMENTUPDATE_CAPABILITYSET from client if fp
disabled #1593
+ Known issues
- FreeRDP 2.0.0-rc4 or later might not able to connect to xrdp
due to xrdp's bad-mannered behaviour, add +glyph-cache option
to FreeRDP to connect #1266
- Audio redirection by MP3 codec doesn't sound with some
client, use AAC instead #965
- Drop xrdp-fate319683-allow-vnc-resizing.patch: fixed upstream
- Rebase xrdp-default-config.patch
- Rebase xrdp-disable-8-bpp-vnc-support.patch
- Rebase xrdp-fate318398-change-expired-password.patch
OBS-URL: https://build.opensuse.org/request/show/834273
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=87
- Update xrdp-bsc965647-allow-admin-choose-desktop.patch:
+ Set the default session to GNOME Session for SLE.
+ Update the variables to launch SLE-Classic Session.
(bsc#1166746).
- Update xrdp-bsc965647-allow-admin-choose-desktop.patch:
Add `export XDG_SESSION_TYPE=x11` in startwm.sh for SLE, since
lacking this variable in GNOME 3.34 causes GNOME crash (bsc#1159257).
OBS-URL: https://build.opensuse.org/request/show/787829
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=78
- Update to version 0.9.13
+ Bug fixes: some regressions on drive redirection #1469#1487#1505#1507
+ Support mousex button 8/9 #1478
- Update to version 0.9.12
+ Bug fixes
- Fix "The log reference is NULL" error when sesman startup
#1425
- Fix behavior when shmem_id changes #1439
- Make vsock config accept -1 for cid and port #1441
- Cleanup refresh rect and check stream bounds #1437
- Significant improvements in drive redirection #1449
+ Other changes
- Proprietary microphone redirection via rdpsnd is now default
off RDP compatible microphone redirection is on instead #1427
- Skip connecting to chansrv when no channels enabled #1393
- Add openSUSE's pam rules (boo#1156094, #1442)
- Do not terminate xrdp daemon when caught SIGHUP #1319
- Known issues
+ FreeRDP 2.0.0-rc4 or later might not able to connect to xrdp
due to xrdp's bad-mannered behaviour, add `+glyph-cache` option
to FreeRDP to connect #1266
+ Audio redirection by MP3 codec doesn't sound with some client,
use AAC instead #965
- Drop xrdp-mkpamrules-support-usr-etc-distconfdir.patch: Fixed
upstream
OBS-URL: https://build.opensuse.org/request/show/784202
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=76
- Update to version 0.9.11 (jsc#9612)
+ New features
- Suppress output (do not draw screen when client window is
minimized) #1330
- Audio input (microphone) redirection compatible with
MS-RDPEAI #1369
- Now xrdp can listen on more than one port #1124#1366
+ Bug fixes
- Fix the issue audio redirection sometimes sounds with long
delay #1363
- Check term event for more responsive shutdown #1372
+ Known issues
- FreeRDP 2.0.0-rc4 or later might not able to connect to xrdp
due to xrdp's bad-mannered behaviour, add +glyph-cache option
to FreeRDP to connect #1266
- Audio redirection by MP3 codec doesn't sound with some
client, use AAC instead #965
- Rebase xrdp-avahi.diff, worked around stdint.h definitions
- Rebase xrdp-fate319683-allow-vnc-resizing.patch
OBS-URL: https://build.opensuse.org/request/show/737648
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=64
