Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5502-1] xrdp security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5502-1] xrdp security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Markus Koschany <apo AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5502-1] xrdp security update
  • Date: Mon, 18 Sep 2023 21:42:53 +0000
  • Authentication-results: mail.piratenpartei.de; dkim=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/ZQjEXXrxcAk9iVSU AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=DGvI6ku4OmS6RjRfZzoRk9AsukkP+/VY2+JvKo1umkk=; b=EP JtR//qbSXNPfk1LkUNlRoHl7T2gFMPwt5AKu8oZQ4he7HUPULhhaZC1xTJG1JGb/e4bQjQsA0Knxc 7E2bibo7QOrewv+i1IFviziF8CZsF49IKNB0FgCw4jGXEcPA6q2VQ5F2GlcDfnTUE2AQG7Zcbty6h aBJmManEZCyZQc+g2pLr4q7Kdz7EsdI422LAz5a6R7P+U385pj08GPIm8CM1ZTEPRi9/c7WIsIH+N +lKs1WA0KDWLplFeMn981w4kejnI7Pe8UOm78VesAoIz6wjsss+eXVJ6ox4cBzE/9w2lat/4HlO5B 9adyHLsYdGptp6CA4/rVrVdmsErMZ40w==;
  • Old-return-path: <apo AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 18 Sep 2023 22:00:13 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <TqG9RExXBJC.A.h4C.thMClB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5502-1 security AT debian.org
https://www.debian.org/security/ Markus Koschany
September 18, 2023 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : xrdp
CVE ID : CVE-2022-23468 CVE-2022-23477 CVE-2022-23478 CVE-2022-23479
CVE-2022-23480 CVE-2022-23481 CVE-2022-23482 CVE-2022-23483
CVE-2022-23484 CVE-2022-23493
Debian Bug : 1025879

Multiple security vulnerabilities have been found in xrdp, a remote desktop
protocol server. Buffer overflows and out-of-bound writes may cause a denial
of
service or other unspecified impact.

For the oldstable distribution (bullseye), these problems have been fixed
in version 0.9.21.1-1~deb11u1.

We recommend that you upgrade your xrdp packages.

For the detailed security status of xrdp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xrdp

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmUIwmtfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeThjg/+LX307ih4HHt95scGu4iiL1/mARPsTNSKYNqcYMoyM1HlqNdxQ4jGqFaO
oUrP24gqx88hH20Xpr1zGe4YGS7IqlWOfo43CSyBiBE3yuCfbE4Qg+9LfF/nA3fC
BI150AL/i7O4uNXS/WZeoWfOHRahAUz0aMFi13/9iCJW+a+ckSjJCrlKtcHV7kSD
Vg80bHFNc7mdecTj3kqkq7IDOb2WQaXloE5WGUzstIt9EC3Y9zJ7UhGPA4K0iPP1
GlZaAIFro+fMPkgwXlqWtOcep9Ru5/gFzhZjK3q9m2g0YDpdru70hcyYw+Qjo5So
IbXfB97U8Bd1aGnxPaqK65WSx3U6ROBWOLJtDdeAWt6Y2oWyDM+c6MZbnAcQsV2C
7HkgEkjRAbzVwTioqOnk/XsSrDEEb7FqF0/AO5ZRsop0fYON2CXzuEBMnQf+jt4G
Ce+iY8C1ajO222atb+jh9B245NNsnJy4WG54hwUv6jbbRbzQGPeIAkkQ/tnieVrJ
CwCvXhEHobYmGnzBJ7zoTBK3U2MeALoQNdvuvzd50UTw1qbj1tfgtN+QZeJ2yS4P
cektvrQ0CKs2EZMmaUM69Ldb66D+9qgRipbh/AC648/6I2ivMO7MArg8bkoFI3t5
+jZD99bnwfBFuFTGpF8IaFhuuWHGHzm+5nvN77WErw0FMUxq0o0=
=WCQI
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5502-1] xrdp security update, Markus Koschany, 19.09.2023

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang