-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 25 May 2025 15:16:34 +0530 Source: xrdp Binary: xrdp xrdp-dbgsym Architecture: amd64 Version: 0.9.21.1-1+deb12u1 Distribution: bookworm Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Abhijith PA Description: xrdp - Remote Desktop Protocol (RDP) server Closes: 1051061 1053284 1076769 Changes: xrdp (0.9.21.1-1+deb12u1) bookworm; urgency=high . * Non-maintainer upload * Fix CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero. PAM error which may result in session restrictions such as max concurrent sessions per user by PAM (ex ./etc/security/limits.conf) to be bypassed (Closes: #1051061) * Fix CVE-2023-42822: Access to the font glyphs in xrdp_painter.c is not bounds-checked. (Closes: #1053284) * Fix CVE-2024-39917: vulnerability that allows attackers to make an infinite number of login attempts. (Closes: #1076769) Checksums-Sha1: 327a7afcdade8ad8d10be93f0d16d3c48ad617f7 854796 xrdp-dbgsym_0.9.21.1-1+deb12u1_amd64.deb b754001b8f5550fe383d2b61b9000833254cefcd 7986 xrdp_0.9.21.1-1+deb12u1_amd64-buildd.buildinfo 1e60a0db88fd0d65164a097b0a222745f8e5ad85 490784 xrdp_0.9.21.1-1+deb12u1_amd64.deb Checksums-Sha256: 8850001521ccf19d0007e90c580a6f8798b1df497ad7232e0fa2bd716c0d2d49 854796 xrdp-dbgsym_0.9.21.1-1+deb12u1_amd64.deb d78ee40ba557d9b73ff123f82d4fe0ca44b4c1236102f6b786e470e86d20521b 7986 xrdp_0.9.21.1-1+deb12u1_amd64-buildd.buildinfo 6da54bfbe34d88137bdf4e78c5e1d7860184182c3f078f5050c37c6be360f1d7 490784 xrdp_0.9.21.1-1+deb12u1_amd64.deb Files: 0599171df8d0bb86ccfe083f30930195 854796 debug optional xrdp-dbgsym_0.9.21.1-1+deb12u1_amd64.deb b5e6ba96b49e410215b8ded730599e1e 7986 net optional xrdp_0.9.21.1-1+deb12u1_amd64-buildd.buildinfo 62fb720259a0e542cc5e4c818f83a1b0 490784 net optional xrdp_0.9.21.1-1+deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEaPzFtKPtF0JrKPV5iZlfn74WV6kFAmg7ehoACgkQiZlfn74W V6lG2w/+K+mH0+PzKgy0Du16PW4QN4GJV6LM19f6+FMrf6++dW+DpC5pj8UxwEYK 4aK2Bsuv9bK/DvyzA+WdNIOYguek3rat7btfNWarfmStPNLmBFVUJKoiYvt6fS3u Cf6RIp4apJlvmII502x92YPgQZUVHxrbe6MZ4i2yrlS0h6zQoyO5X/0rU/OWzsGD F+qsRM8E67bTx/pAcWXPo/F6tX/+zscPIEhadtVsm2mZyd90vvwxhbENCLeVCBc3 hyepeKz2odEYNHos3OMS82fkBLXrmQM/G6LGLqDavUN8PTQdFhfurVScWO4TIL5D JQcMkYRhGaRlPNhLq53dunq3pp+t82G5j7dP8M3f5aVNZHkZnzmjrDVG1Bxa4lJu vbguiZ7sgmgTijI1oJDWNWrG7NVFFhcwAv747GnhN0IWzq+egeYKFn2TdLf1jJIM H3PU3gqnp1rqtnf44aN3HXHf7xW7tpQxwWUjG5pzt90Oza7rrnx3qQwmCsfOZdgc Fp9d58u5By208EQMQHaUFZQPnFxl7c0G7soRqV4nowXFXOk+qotpKg8yLEJ24eLi M66yFIsd7SQNIl5Nx3vgLNGM0172Ekm4oJdtDBbGwRFv6ma/VpxRPYSclATWFDDY XdC8GTWevIdr94U5aBfXWilBMlJl6U7LxFnyqc7VDrlnBQXHS3c= =nNN4 -----END PGP SIGNATURE-----