- Update to version 0.9.23.1:
+ Security fix: Unchecked access to font glyph info
(CVE-2023-42822).
- Changes from version 0.9.23:
+ General announcement: Running xrdp and xrdp-sesman on separate
hosts is still supported by this release, but is now
deprecated. This is not secure. A future v1.0 release will
replace the TCP socket used between these processes with a Unix
Domain Socket, and then cross-host running will not be
possible.
+ Security fix: Improper handling of session establishment errors
allows bypassing OS-level session restrictions
(CVE-2023-40184).
+ Bug fixes:
- Environment variables set by PAM modules are no longer
restricted to around 250 characters.
- X11 clipboard clients now no longer hang when requesting a
clipboard format which isn't available.
OBS-URL: https://build.opensuse.org/request/show/1118552
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/xrdp?expand=0&rev=121
