Overview

File _patchinfo of Package patchinfo.7006

<patchinfo incident="7006">
  <issue id="1101506" tracker="bnc"> xrdp KillDisconnected ignored</issue>
  <issue id="1100453" tracker="bnc"> Delayed X KeyRelease Events in xrdp Session</issue>
  <issue id="1015567" tracker="bnc">VUL-0: CVE-2013-1430: xrdp: xrdp create ~/.vnc/sesman_${username}_passwd with (equivalent of) cleartext password of user</issue>
  <issue id="1014524" tracker="bnc">After updating to SLES 12 for SAP SP02, XRDP does not work anymore</issue>
  <issue id="1029912" tracker="bnc">VUL-0: CVE-2017-6967: xrdp:  0.9.1 calls the PAM function auth_start_session() in an incorrect location</issue>
  <issue id="1060644" tracker="bnc">L3-Question: xrdp seems to have a hard coded port for xrdp session manager, config settings are not fully read</issue>
  <issue tracker="bnc" id="1090174">"remote desktop access" failed from "Win 10" to SLE11SP4 after updating xrdp to the version from the update "SUSE:Maintenance:7071:161735"</issue>
  <issue id="1022098" tracker="bnc">XRDP not working with 32 bit colour depth</issue>
  <issue id="1069591" tracker="bnc">VUL-0: CVE-2017-16927: xrdp: Buffer-overflow in scp_v0s_accept function in session manager</issue>
  <issue id="1023988" tracker="bnc">xrdp ignores locale language settings</issue>
  <issue id="2017-16927" tracker="cve" />
  <issue id="2013-1430" tracker="cve" />
  <issue id="2017-6967" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>zhangxiaofei</packager>
  <description>This update for xrdp fixes the following issues:

Security issues fixed: 

- CVE-2013-1430:  When successfully logging in using RDP into an xrdp session,
  the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent
  of the user's cleartext password, DES encrypted with a known key (bsc#1015567).
- CVE-2017-16927: The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager
  in xrdp through used an untrusted integer as a write length, which could lead to a
  local denial of service (bsc#1069591).
- CVE-2017-6967: Fixed call of the PAM function auth_start_session(). This lead
  to to PAM session modules not being properly initialized, with a potential
  consequence of incorrect configurations or elevation of privileges, aka a
  pam_limits.so bypass (bsc#1029912).

Other issues addressed:

- The KillDisconnected option for TigerVNC Xvnc sessions is now supported (bsc#1101506)
- Fixed an issue with delayed X KeyRelease events (bsc#1100453)
- Force xrdp-sesman.service to start after xrdp.service. (bsc#1014524)
- Avoid use of hard-coded sesman port. (bsc#1060644)
- Backport upstream commit 5575197,
  sesman should stop setting LANG and let initialization scripts
  take care of it (bsc#1023988).
- Backport upstream patches for 32bpp support (bsc#1022098).
- Fixed a regression connecting from Windows 10. (bsc#1090174)
</description>
  <summary>Security update for xrdp</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places