Bug#861844: unblock: xrdp/0.9.1-9
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Please unblock package xrdp
This package updates the security fix in 0.9.1-8, which turned out to be incomplete.
diff -Nru xrdp-0.9.1/debian/changelog xrdp-0.9.1/debian/changelog
- --- xrdp-0.9.1/debian/changelog 2017-04-24 20:14:36.000000000 +0200
+++ xrdp-0.9.1/debian/changelog 2017-05-04 18:59:10.000000000 +0200
@@ -1,3 +1,9 @@
+xrdp (0.9.1-9) unstable; urgency=high
+
+ * Revisit incomplete fix for CVE-2017-6967. (Closes: #858143)
+
+ -- Dominik George <nik@naturalnet.de> Thu, 04 May 2017 18:59:10 +0200
+
xrdp (0.9.1-8) unstable; urgency=medium
* Fix CVE-2017-6967. (Closes: #858143, #855536)
diff -Nru xrdp-0.9.1/debian/patches/cve-2017-6967.diff xrdp-0.9.1/debian/patches/cve-2017-6967.diff
- --- xrdp-0.9.1/debian/patches/cve-2017-6967.diff 2017-04-24 20:14:36.000000000 +0200
+++ xrdp-0.9.1/debian/patches/cve-2017-6967.diff 2017-05-04 18:59:04.000000000 +0200
@@ -3,6 +3,8 @@
Subject: [PATCH] sesman: move auth/pam calls to main process
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858143
Origin: https://github.com/neutrinolabs/xrdp/commit/4b8a33e087ee9cf5556b40b717cd7e8ff243b3c3
+Reviewed-By: Dominik George <nik@naturalnet.de>
+Reviewed-By: Thorsten Glaser <tg@mirbsd.org>
--- a/sesman/scp_v0.c
+++ b/sesman/scp_v0.c
@@ -89,3 +91,46 @@
g_free(slist);
}
+--- a/sesman/session.c
++++ b/sesman/session.c
+@@ -335,7 +335,6 @@ session_start_sessvc(int xpid, int wmpid
+ g_sigterm(xpid);
+ g_sigterm(wmpid);
+ g_sleep(1000);
+- auth_end(data);
+ g_exit(0);
+ }
+
+@@ -490,6 +489,7 @@ session_start_fork(tbus data, tui8 type,
+ return 0;
+ }
+
++ auth_start_session(data, display);
+ pid = g_fork(); /* parent is fork from tcp accept,
+ child forks X and wm, then becomes scp */
+
+@@ -548,7 +548,6 @@ session_start_fork(tbus data, tui8 type,
+ else if (wmpid == 0)
+ {
+ wait_for_xserver(display);
+- auth_start_session(data, display);
+ pampid = g_fork(); /* parent waits, todo
+ child becomes wm */
+ if (pampid == -1)
+@@ -639,7 +638,6 @@ session_start_fork(tbus data, tui8 type,
+ else
+ {
+ g_waitpid(pampid);
+- auth_stop_session(data);
+ g_deinit();
+ g_exit(0);
+ }
+@@ -967,6 +965,8 @@ session_kill(int pid)
+
+ if (tmp->item->pid == pid)
+ {
++ auth_stop_session(tmp->item->data);
++ auth_end(tmp->item->data);
+ /* deleting the session */
+ log_message(LOG_LEVEL_INFO, "++ terminated session: username %s, display :%d.0, session_pid %d, ip %s", tmp->item->name, tmp->item->display, tmp->item->pid, tmp->item->client_ip);
+ g_free(tmp->item);
unblock xrdp/0.9.1-9
- -- System Information:
Debian Release: 9.0
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64
(x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
-----BEGIN PGP SIGNATURE-----
iQJ4BAEBCABiFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlkLYAMxGmh0dHBzOi8v
d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxIcbmlrQG5h
dHVyYWxuZXQuZGUACgkQt5o8FqDE8pYRAw//bw6MocflTzsylMfGLlakD7gaZCzF
6DGjfgTRVuycCBT8kkGcIutG1ZEnQLW62JXKDfpzPomvyyNbE49TqxosNrMR1/kd
Gb13bVA989K3VSZEVmxV9MgQIz9NbnetdkBvgbmNwDlqcwnyhSLX5VwE+NhOcDF2
rU+uhhvjIbHpqer7bJAo7iyKAC4kEffNs1gQkEvvc8/BYGqOD6l+3glE3rbjGE1k
li5/uo0jBpo1Dexn6n0Q0Q7L/yUmXiuy8+1/2hVBWgMVB+r2Rp2XK4+lsZMp4WV+
9NoTGMtSEDduZxXOQcVPaljO6cNfMEoQVwUcv/KStTx24lCCWdtus1Yk7X0ie1D3
WeVX2yFZdBU/AT2qWzI2iODRaddLOtTMXtVGlXUqnp0+uTtv1EUOrJMAJoaXpKQY
WZ6mR+LBZXPFBd6gkPq0p8lxvK0PVwl/fbZPXSH2vr8LJfJdDwXajMRrIWgWmfXv
3PYdjkGCqtNZeKcC0uzu9bXHyFFfFqm2BGGzhziC1ReutZ4BnmdxJa6LtYor8WRf
rsMsyL0T+uF/lJofmkuQs30OZExxc0qVnFiLxP57AZnJrO7GfUfUL4zkx9nP/dJr
Xtf8VST/dwhDYUj4Q7PjVGmbIAdgWzR5ZkR6yNejiidpI8mWzVv0vaJGK3m3Ky6f
vHyxYjeok7czajA=
=4M+b
-----END PGP SIGNATURE-----
Reply to: