Debian Package Tracker

general

source: xrdp (main)
version: 0.9.9-1
maintainer: Debian Remote Maintainers (archive) [DMD]
uploaders: Dominik George [DMD] – Andreas Tille [DMD] – Thorsten Glaser [DMD] – Mike Gabriel [DMD]
arch: any
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.6.1-2
old-bpo: 0.9.1-9~bpo8+1
stable: 0.9.1-9+deb9u3
stable-bpo: 0.9.8-2~bpo9+1
testing: 0.9.9-1
unstable: 0.9.9-1

versioned links

0.6.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.1-9~bpo8+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.1-9+deb9u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.8-2~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.9.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

xrdp

action needed

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2018-10-01 Last update: 2019-03-22 16:16

Depends on packages which need a new maintainer normal

The packages that xrdp depends on which need a new maintainer are:

lsb (#924519)
- Depends: lsb-base

Created: 2019-03-13 Last update: 2019-03-22 13:27

1 new commit since last upload, time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.9.9-2, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 0aa16671413642d911266827df52c9b435183968
Author: mirabilos <thorsten.glaser@teckids.org>
Date:   Thu Mar 14 16:52:10 2019 +0100

    follow redirect to new homepage

Created: 2019-03-14 Last update: 2019-03-21 22:09

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2017-16927: The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, which allows local users to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted input stream.
CVE-2013-1430: An issue was discovered in xrdp before 0.9.1. When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd is created. Its content is the equivalent of the user's cleartext password, DES encrypted with a known key.
CVE-2017-6967: xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.

Please fix them.

Created: 2016-12-11 Last update: 2019-01-18 08:49

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.3.0 instead of 4.2.1).

Created: 2018-12-23 Last update: 2019-01-13 20:36

news

[rss feed]

[2019-01-18] xrdp 0.9.9-1 MIGRATED to testing (Debian testing watch)
[2019-01-13] Accepted xrdp 0.9.9-1 (source amd64) into unstable (Dominik George)
[2018-10-02] Accepted xrdp 0.9.8-2~bpo9+1 (source) into stretch-backports (Dominik George)
[2018-10-02] xrdp 0.9.8-2 MIGRATED to testing (Debian testing watch)
[2018-09-27] Accepted xrdp 0.9.8-2 (source) into unstable (Dominik George)
[2018-09-26] Accepted xrdp 0.9.8-1 (source) into unstable (Dominik George)
[2018-08-06] xrdp REMOVED from testing (Debian testing watch)
[2018-07-07] Accepted xrdp 0.9.1-9+deb9u3 (source) into proposed-updates->stable-new, proposed-updates (Dominik George) (signed by: Salvatore Bonaccorso)
[2018-04-13] Accepted xrdp 0.9.6-1~bpo9+1 (source amd64) into stretch-backports, stretch-backports (Dominik George)
[2018-04-06] xrdp 0.9.6-1 MIGRATED to testing (Debian testing watch)
[2018-03-31] Accepted xrdp 0.9.6-1 (source) into unstable (Dominik George)
[2018-02-23] Accepted xrdp 0.9.1-9+deb9u2 (source amd64) into proposed-updates->stable-new, proposed-updates (Dominik George)
[2018-02-22] xrdp 0.9.5-2 MIGRATED to testing (Debian testing watch)
[2018-02-16] Accepted xrdp 0.9.5-2 (source amd64) into unstable (Dominik George)
[2018-01-13] xrdp 0.9.5-1 MIGRATED to testing (Debian testing watch)
[2018-01-07] Accepted xrdp 0.9.5-1 (source amd64) into unstable (Dominik George)
[2017-12-25] xrdp 0.9.4-5 MIGRATED to testing (Debian testing watch)
[2017-12-22] Accepted xrdp 0.9.4-5 (source i386) into unstable, unstable (Thorsten Glaser)
[2017-12-22] Accepted xrdp 0.9.4-4 (source i386) into unstable (Thorsten Glaser)
[2017-12-21] Accepted xrdp 0.9.4-3 (source amd64) into unstable (Dominik George)
[2017-12-17] xrdp 0.9.4-2 MIGRATED to testing (Debian testing watch)
[2017-12-15] Accepted xrdp 0.9.4-2 (source amd64) into unstable (Dominik George)
[2017-12-12] Accepted xrdp 0.5.0-2+deb7u3 (source amd64) into oldoldstable (Lucas Kanashiro)
[2017-12-11] Accepted xrdp 0.5.0-2+deb7u2 (source amd64) into oldoldstable (Lucas Kanashiro)
[2017-11-18] Accepted xrdp 0.9.1-9+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Dominik George)
[2017-10-25] Accepted xrdp 0.9.4-1~bpo9+1 (source i386) into stretch-backports, stretch-backports (Dominik George) (signed by: Thorsten Glaser)
[2017-10-25] Accepted xrdp 0.9.1-9~bpo8+1 (source i386) into jessie-backports->backports-policy, jessie-backports (Thorsten Glaser)
[2017-10-15] xrdp 0.9.4-1 MIGRATED to testing (Debian testing watch)
[2017-10-09] Accepted xrdp 0.9.4-1 (source amd64) into unstable (Dominik George)
[2017-05-08] xrdp 0.9.1-9 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 10 11
RC: 1
I&N: 7 8
M&W: 2
F&P: 0
patch: 1

links

homepage
lintian
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.9.9-1
49 bugs (2 patches)