Debian Package Tracker

general

source: xrdp (main)
version: 0.9.9-1
maintainer: Debian Remote Maintainers (archive) [DMD]
uploaders: Dominik George [DMD] – Andreas Tille [DMD] – Thorsten Glaser [DMD] – Mike Gabriel [DMD]
arch: any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.6.1-2
oldstable: 0.9.1-9+deb9u3
old-bpo: 0.9.8-2~bpo9+1
stable: 0.9.9-1
testing: 0.9.9-1
unstable: 0.9.9-1

versioned links

0.6.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.1-9+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.8-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

xrdp (12 bugs: 1, 9, 2, 0)

action needed

A new upstream version is available: 0.9.10 high

A new upstream version 0.9.10 is available, you should consider packaging it.

Created: 2019-04-21 Last update: 2019-07-17 00:33

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2019-04-01 Last update: 2019-07-17 04:35

Depends on packages which need a new maintainer normal

The packages that xrdp depends on which need a new maintainer are:

lsb (#924519)
- Depends: lsb-base

Created: 2019-03-13 Last update: 2019-07-17 03:39

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.9.9-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 0aa16671413642d911266827df52c9b435183968
Author: mirabilos <thorsten.glaser@teckids.org>
Date:   Thu Mar 14 16:52:10 2019 +0100

    follow redirect to new homepage

Created: 2019-03-14 Last update: 2019-07-16 19:39

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2017-6967: xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
CVE-2017-16927: The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream.
CVE-2013-1430: An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.

Please fix them.

Created: 2016-12-11 Last update: 2019-07-07 09:01

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-07-08 20:08

news

[rss feed]

[2019-01-18] xrdp 0.9.9-1 MIGRATED to testing (Debian testing watch)
[2019-01-13] Accepted xrdp 0.9.9-1 (source amd64) into unstable (Dominik George)
[2018-10-02] Accepted xrdp 0.9.8-2~bpo9+1 (source) into stretch-backports (Dominik George)
[2018-10-02] xrdp 0.9.8-2 MIGRATED to testing (Debian testing watch)
[2018-09-27] Accepted xrdp 0.9.8-2 (source) into unstable (Dominik George)
[2018-09-26] Accepted xrdp 0.9.8-1 (source) into unstable (Dominik George)
[2018-08-06] xrdp REMOVED from testing (Debian testing watch)
[2018-07-07] Accepted xrdp 0.9.1-9+deb9u3 (source) into proposed-updates->stable-new, proposed-updates (Dominik George) (signed by: Salvatore Bonaccorso)
[2018-04-13] Accepted xrdp 0.9.6-1~bpo9+1 (source amd64) into stretch-backports, stretch-backports (Dominik George)
[2018-04-06] xrdp 0.9.6-1 MIGRATED to testing (Debian testing watch)
[2018-03-31] Accepted xrdp 0.9.6-1 (source) into unstable (Dominik George)
[2018-02-23] Accepted xrdp 0.9.1-9+deb9u2 (source amd64) into proposed-updates->stable-new, proposed-updates (Dominik George)
[2018-02-22] xrdp 0.9.5-2 MIGRATED to testing (Debian testing watch)
[2018-02-16] Accepted xrdp 0.9.5-2 (source amd64) into unstable (Dominik George)
[2018-01-13] xrdp 0.9.5-1 MIGRATED to testing (Debian testing watch)
[2018-01-07] Accepted xrdp 0.9.5-1 (source amd64) into unstable (Dominik George)
[2017-12-25] xrdp 0.9.4-5 MIGRATED to testing (Debian testing watch)
[2017-12-22] Accepted xrdp 0.9.4-5 (source i386) into unstable, unstable (Thorsten Glaser)
[2017-12-22] Accepted xrdp 0.9.4-4 (source i386) into unstable (Thorsten Glaser)
[2017-12-21] Accepted xrdp 0.9.4-3 (source amd64) into unstable (Dominik George)
[2017-12-17] xrdp 0.9.4-2 MIGRATED to testing (Debian testing watch)
[2017-12-15] Accepted xrdp 0.9.4-2 (source amd64) into unstable (Dominik George)
[2017-12-12] Accepted xrdp 0.5.0-2+deb7u3 (source amd64) into oldoldstable (Lucas Kanashiro)
[2017-12-11] Accepted xrdp 0.5.0-2+deb7u2 (source amd64) into oldoldstable (Lucas Kanashiro)
[2017-11-18] Accepted xrdp 0.9.1-9+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Dominik George)
[2017-10-25] Accepted xrdp 0.9.4-1~bpo9+1 (source i386) into stretch-backports, stretch-backports (Dominik George) (signed by: Thorsten Glaser)
[2017-10-25] Accepted xrdp 0.9.1-9~bpo8+1 (source i386) into jessie-backports->backports-policy, jessie-backports (Thorsten Glaser)
[2017-10-15] xrdp 0.9.4-1 MIGRATED to testing (Debian testing watch)
[2017-10-09] Accepted xrdp 0.9.4-1 (source amd64) into unstable (Dominik George)
[2017-05-08] xrdp 0.9.1-9 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 12 13
RC: 1
I&N: 9 10
M&W: 2
F&P: 0
patch: 2

links

homepage
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.9.9-1
50 bugs (2 patches)