Package: xrdp / 0.9.21.1-1+deb12u1

Metadata

Package Version Patches format
xrdp 0.9.21.1-1+deb12u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
make fixes.diff | (download)

xrdp/Makefile.am | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 build system fixes
config.diff | (download)

sesman/sesman.ini | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 use xorgxrdp instead of x11rdp
fix_perms.diff | (download)

common/os_calls.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 fix permissions between xrdp and sesman.
 Attempt to fix connection problem between xrdp-sesman (running
 as root) and xrdp (running as xrdp) by creating the socket for
 the xorgxrdp server as 0660 in a sgid-xrdp directory, since we
 cant easily chgrp here; also fix retval check for listen(2)
systemd.diff | (download)

instfiles/xrdp-sesman.service.in | 3 2 + 1 - 0 !
instfiles/xrdp.service.in | 7 6 + 1 - 0 !
2 files changed, 8 insertions(+), 2 deletions(-)

 
 fixes to systemd service files
lfs.diff | (download)

configure.ac | 4 4 + 0 - 0 !
libpainter/configure.ac | 3 3 + 0 - 0 !
librfxcodec/configure.ac | 3 3 + 0 - 0 !
3 files changed, 10 insertions(+)

 
 enable large file support on (at least) 32-bit linux
pulse debian.patch | (download)

instfiles/pulse/default.pa | 6 6 + 0 - 0 !
1 file changed, 6 insertions(+)

 
 use absolute path to pulseaudio modules
 The modules are installed to their locations by the
 xrdp-build-pulse-modules script from the former
 xrdp-pulseaudio-installer package. The upstream
 pulseaudio-module-xrdp/wiki/README instructions
 install the module into the PA directory and do
 not need this patch.
var run.diff | (download)

instfiles/xrdp-sesman.service.in | 2 1 + 1 - 0 !
instfiles/xrdp.service.in | 2 1 + 1 - 0 !
2 files changed, 2 insertions(+), 2 deletions(-)

 
 assume hard that /run  /var/run, to please lintian
document certs.diff | (download)

xrdp/xrdp.ini | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 
 document ssl certificate ownership needs
fix environment.diff | (download)

instfiles/pam.d/xrdp-sesman.debian | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 
 initialise the environment properly
CVE 2023 40184.patch | (download)

sesman/session.c | 7 6 + 1 - 0 !
sesman/verify_user_pam.c | 24 22 + 2 - 0 !
2 files changed, 28 insertions(+), 3 deletions(-)

 
---
CVE 2023 42822.patch | (download)

xrdp/xrdp.h | 9 9 + 0 - 0 !
xrdp/xrdp_font.c | 113 95 + 18 - 0 !
xrdp/xrdp_painter.c | 10 5 + 5 - 0 !
xrdp/xrdp_types.h | 8 6 + 2 - 0 !
4 files changed, 115 insertions(+), 25 deletions(-)

 
 [patch] cve-2023-42822

- font_items in struct xrdp_font renamed to chars to catch all
  accesses to it. This name is consistent with the type of
  the array elements (struct xrdp_font_char).
- Additional fields added to struct xrdp_font to allow for range
  checking and for a default character to be provided
- Additional checks and logic added to xrdp_font_create()
- New macro XRDP_FONT_GET_CHAR() added to perform checked access
  to chars field in struct xrdp_font
CVE 2024 39917.patch | (download)

docs/man/xrdp.ini.5.in | 10 6 + 4 - 0 !
libxrdp/xrdp_sec.c | 28 21 + 7 - 0 !
xrdp/xrdp.ini | 3 2 + 1 - 0 !
xrdp/xrdp_mm.c | 7 7 + 0 - 0 !
4 files changed, 36 insertions(+), 12 deletions(-)

 
 cve-2024-39917