You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa xrdp

Sigurnosni nedostatak programskog paketa xrdp

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2015-11756
2015-07-17 23:28:49
——————————————————————————–

Name : xrdp
Product : Fedora 21
Version : 0.6.1
Release : 11.fc21
URL : http://xrdp.sourceforge.net/
Summary : Open source remote desktop protocol (RDP) server
Description :
The goal of this project is to provide a fully functional Linux terminal
server, capable of accepting connections from rdesktop and Microsoft’s own
terminal server / remote desktop clients.

——————————————————————————–
Update Information:

Attempt to fix this DoS.
——————————————————————————–
ChangeLog:

* Fri Jul 17 2015 Bojan Smojver <bojan@rexursive.com> – 1:0.6.1-11
– attempt to fix bug #1194213
* Thu Jun 4 2015 Bojan Smojver <bojan@rexursive.com> – 1:0.6.1-10
– remove -ac from X server calls: bug #1105202
– put other sesman.ini changes into a patch
* Fri May 15 2015 Bojan Smojver <bojan@rexursive.com> – 1:0.6.1-9
– hopefully better service dependencies
* Thu Apr 23 2015 Dan Horák <dan[at]danny.cz> – 1:0.6.1-8
– fix upgrade path after the 0.8 bump in 2014-09 by adding Epoch
* Mon Dec 22 2014 Bojan Smojver <bojan@rexursive.com> – 0.6.1-7
– add a delay loop when connecting to VNC back end
* Mon Dec 8 2014 Bojan Smojver <bojan@rexursive.com> – 0.6.1-6
– use systemd rpm macros: bug #850374
——————————————————————————–
References:

[ 1 ] Bug #1194213 – xrdp: denial of service when validating user accounts against plain passwd files/via shadow-utils
https://bugzilla.redhat.com/show_bug.cgi?id=1194213
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update xrdp’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorMarko Stanec
Cert idNCERT-REF-2015-07-0019-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Ranjivosti programske biblioteke libwmf

Otkrivene su ranjivosti u programskoj biblioteci libwmf za Fedoru uzrokovane nepravilnom obradom WMF datoteka. Potencijalni udaljeni napadači ranjivosti bi mogli...

Close