
Bug#861844: marked as done (unblock: xrdp/0.9.1-9)



Your message dated Thu, 04 May 2017 20:56:00 +0000
with message-id <b618ff51-8616-bdba-1d00-0747228492c0@thykier.net>
and subject line Re: Bug#861844: unblock: xrdp/0.9.1-9
has caused the Debian Bug report #861844,
regarding unblock: xrdp/0.9.1-9
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
861844: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861844
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Please unblock package xrdp

This package updates the security fix in 0.9.1-8, which turned out to be incomplete.

diff -Nru xrdp-0.9.1/debian/changelog xrdp-0.9.1/debian/changelog
- --- xrdp-0.9.1/debian/changelog	2017-04-24 20:14:36.000000000 +0200
+++ xrdp-0.9.1/debian/changelog	2017-05-04 18:59:10.000000000 +0200
@@ -1,3 +1,9 @@
+xrdp (0.9.1-9) unstable; urgency=high
+
+  * Revisit incomplete fix for CVE-2017-6967. (Closes: #858143)
+
+ -- Dominik George <nik@naturalnet.de>  Thu, 04 May 2017 18:59:10 +0200
+
 xrdp (0.9.1-8) unstable; urgency=medium
 
   * Fix CVE-2017-6967. (Closes: #858143, #855536)
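Review bot: the new changelog entry says only that the earlier fix was "incomplete" without recording what was missing, which is the one thing a stable-update or CVE-tracker reader needs from a security revision at urgency=high. Suggest spelling it out, e.g. "* Revisit incomplete fix for CVE-2017-6967: also move the auth_start_session/auth_stop_session/auth_end calls out of the forked children in sesman/session.c. (Closes: #858143)", so the entry matches what the session.c part of the patch actually changes.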
diff -Nru xrdp-0.9.1/debian/patches/cve-2017-6967.diff xrdp-0.9.1/debian/patches/cve-2017-6967.diff
- --- xrdp-0.9.1/debian/patches/cve-2017-6967.diff	2017-04-24 20:14:36.000000000 +0200
+++ xrdp-0.9.1/debian/patches/cve-2017-6967.diff	2017-05-04 18:59:04.000000000 +0200
@@ -3,6 +3,8 @@
 Subject: [PATCH] sesman: move auth/pam calls to main process
 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858143
 Origin: https://github.com/neutrinolabs/xrdp/commit/4b8a33e087ee9cf5556b40b717cd7e8ff243b3c3
+Reviewed-By: Dominik George <nik@naturalnet.de>
+Reviewed-By: Thorsten Glaser <tg@mirbsd.org>
 
 --- a/sesman/scp_v0.c
 +++ b/sesman/scp_v0.c
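Review bot: the header gains two Reviewed-By lines but the single Origin line still points at one upstream commit while the patch body now grows a sesman/session.c section. State in the header whether that section is part of the same upstream commit, a backport of a later upstream change, or a Debian-local addition; whoever refreshes this patch against a newer upstream needs to know which parts to expect to find there.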
@@ -89,3 +91,46 @@
      g_free(slist);
  }
  
+--- a/sesman/session.c
++++ b/sesman/session.c
+@@ -335,7 +335,6 @@ session_start_sessvc(int xpid, int wmpid
+     g_sigterm(xpid);
+     g_sigterm(wmpid);
+     g_sleep(1000);
+-    auth_end(data);
+     g_exit(0);
+ }
+ 
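Review bot: auth_end(data) is dropped from session_start_sessvc, which runs in the forked child after g_sigterm(xpid)/g_sigterm(wmpid), so the handle is no longer ended from a process that never started it; nothing in this hunk replaces the call, so ending the handle now depends entirely on the main sesman reaching session_kill for this session's pid. A one-line comment at the removal site saying that auth_end now happens in session_kill would save the next reader from hunting for the pairing.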
+@@ -490,6 +489,7 @@ session_start_fork(tbus data, tui8 type,
+         return 0;
+     }
+ 
++    auth_start_session(data, display);
+     pid = g_fork(); /* parent is fork from tcp accept,
+                        child forks X and wm, then becomes scp */
+ 
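Review bot: auth_start_session(data, display) is now called in the parent before g_fork(), which is the point of the fix, but its result is discarded, so if opening the PAM session fails (a limit enforced by a session module is exactly the class of problem behind CVE-2017-6967) the code still forks and starts the session. Check the result and abort before the fork, mirroring the `return 0;` on the error path just above, e.g. `if (auth_start_session(data, display) != 0) { return 0; }` with a log_message explaining why.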
+@@ -548,7 +548,6 @@ session_start_fork(tbus data, tui8 type,
+         else if (wmpid == 0)
+         {
+             wait_for_xserver(display);
+-            auth_start_session(data, display);
+             pampid = g_fork(); /* parent waits, todo
+                                   child becomes wm */
+             if (pampid == -1)
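Review bot: with auth_start_session gone from here, the PAM session is opened before wait_for_xserver(display) instead of after the X server is up, so any session module that keys off the display number now sees it before the server exists. That is the intended ordering for this fix, but it is a behaviour change for session modules and deserves a sentence in the patch description; the adjacent "parent waits, todo / child becomes wm" comment could also note that the session was already opened by the parent.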
+@@ -639,7 +638,6 @@ session_start_fork(tbus data, tui8 type,
+             else
+             {
+                 g_waitpid(pampid);
+-                auth_stop_session(data);
+                 g_deinit();
+                 g_exit(0);
+             }
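Review bot: after removing auth_stop_session(data) here, the process that waited for the window manager exits through g_deinit()/g_exit(0) without closing the PAM session, and the close now happens only when the main sesman handles this session's pid in session_kill. If sesman is stopped or restarted while sessions are running, the restarted instance has no record of those handles and they are never closed; worth noting in the changelog or in a comment at this site so the trade-off is documented.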
+@@ -967,6 +965,8 @@ session_kill(int pid)
+ 
+         if (tmp->item->pid == pid)
+         {
++            auth_stop_session(tmp->item->data);
++            auth_end(tmp->item->data);
+             /* deleting the session */
+             log_message(LOG_LEVEL_INFO, "++ terminated session:  username %s, display :%d.0, session_pid %d, ip %s", tmp->item->name, tmp->item->display, tmp->item->pid, tmp->item->client_ip);
+             g_free(tmp->item);
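Review bot: auth_stop_session(tmp->item->data) and auth_end(tmp->item->data) assume the session list item carries the same handle that session_start_fork received as `data`; neither the field nor its assignment appears in this patch, so confirm the item is populated with that value when the session is registered, otherwise the main process closes a stale or null handle. Both return values are also ignored and the "++ terminated session" log line follows the calls; log the auth_stop_session result (or at least emit the log line before the calls) so a failed session close is visible in the sesman log.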


unblock xrdp/0.9.1-9

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----

--- End Message ---
--- Begin Message ---
Dominik George:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package xrdp
> 
> This package updates the security fix in 0.9.1-8, which turned out to be incomplete.
> 
> [...]
> 
> unblock xrdp/0.9.1-9
> 
> [...]
> 
> 

Unblocked, thanks.

~Niels

--- End Message ---
