Monthly Archives: September 2023

Advisories

xrdp-0.9.23-1.el7

Read Time:1 Minute, 0 Second

FEDORA-EPEL-2023-0640e2bbd1

Packages in this update:

xrdp-0.9.23-1.el7

Update description:

Release notes for xrdp v0.9.23 (2023/08/31)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions (Reported by @gafusss)

Bug fixes

Environment variables set by PAM modules are no longer restricted to around 250 characters (#2712)
X11 clipboard clients now no longer hang when requesting a clipboard format which isn’t available (#2767)

New features

No new features in this release.
Internal changes

Introduce release tarball generation script (#2703)
cppcheck version used for CI bumped to 2.11 (#2738)

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.23-1.el8

Read Time:1 Minute, 0 Second

FEDORA-EPEL-2023-6770a3482d

Packages in this update:

xrdp-0.9.23-1.el8

Update description:

Release notes for xrdp v0.9.23 (2023/08/31)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions (Reported by @gafusss)

Bug fixes

Environment variables set by PAM modules are no longer restricted to around 250 characters (#2712)
X11 clipboard clients now no longer hang when requesting a clipboard format which isn’t available (#2767)

New features

No new features in this release.
Internal changes

Introduce release tarball generation script (#2703)
cppcheck version used for CI bumped to 2.11 (#2738)

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More

Advisories

xrdp-0.9.23-1.el9

Read Time:1 Minute, 0 Second

FEDORA-EPEL-2023-c2aea8a27e

Packages in this update:

xrdp-0.9.23-1.el9

Update description:

Release notes for xrdp v0.9.23 (2023/08/31)

General announcements

Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.

Security fixes

CVE-2023-40184: Improper handling of session establishment errors allows bypassing OS-level session restrictions (Reported by @gafusss)

Bug fixes

Environment variables set by PAM modules are no longer restricted to around 250 characters (#2712)
X11 clipboard clients now no longer hang when requesting a clipboard format which isn’t available (#2767)

New features

No new features in this release.
Internal changes

Introduce release tarball generation script (#2703)
cppcheck version used for CI bumped to 2.11 (#2738)

Known issues

On-the-fly resolution change requires the Microsoft Store version of Remote Desktop client but sometimes crashes on connect (#1869)
xrdp’s login dialog is not relocated at the center of the new resolution after on-the-fly resolution change happens (#1867)

Read More