Re: Planned upload for xrdp
Vincent Bernat wrote:
> Hi!
>
> I am planning a new upload for xrdp. This would fix some pending
> security issues. However, there are some other changes :
>
> xrdp (0.4.0~dfsg-9) unstable; urgency=high
>
> * Fix CVE-2008-5902 and CVE-2008-5904 with the help of patches proposed
> by Ondrej Kolacek. The patch fixing CVE-2008-5902 also happens to fix
> CVE-2008-5903 by checking boundary before calling add_char_at(). This
> closes: #511641.
> * Really add patch to fix monochrome cursor issue.
> * Also updates Standards-Version and add ${misc:Depends} macro.
> * Don't use Pa macro in xrdp-keygen manual page.
>
> -- Vincent Bernat <bernat@debian.org> Fri, 23 Jan 2009 21:29:14 +0100
>
> The biggest "unwanted" changes is the real application of monochrome
> cursor issue. It should have been added in the previous release but
> unfortunately, I failed to really apply the patch (missing from 00list).
>
> This patch is not really big, comes from upstream and is necessary when
> connecting from some Windows Vista.
>
> The security patches have been applied upstream.
unblocked
Cheers
Luk
Reply to: