Your message dated Fri, 22 Dec 2017 16:36:01 +0000
with message-id <[email protected]>
and subject line Bug#884453: fixed in xrdp 0.9.4-4
has caused the Debian Bug report #884453,
regarding xrdp: 100% CPU load on ssl_tls_accept
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
884453: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884453
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xrdp
Version: 0.9.4-1
Severity: important
Tags: upstream pending
Forwarded: https://github.com/neutrinolabs/xrdp/issues/954
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
There is an infinite loop in ssl_tls_accept. It makes xrdp cause very
high CPU load, and malicious clients can exploit this by keeping many
SSL sessions open in this state.
More details in upstream bug tracker.
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: xrdp
Source-Version: 0.9.4-4
We believe that the bug you reported is fixed in the latest version of
xrdp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thorsten Glaser <[email protected]> (supplier of updated xrdp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA384
Format: 1.8
Date: Fri, 22 Dec 2017 17:06:00 +0100
Source: xrdp
Binary: xrdp xorgxrdp
Architecture: source i386
Version: 0.9.4-4
Distribution: unstable
Urgency: high
Maintainer: Debian Remote Maintainers <[email protected]>
Changed-By: Thorsten Glaser <[email protected]>
Description:
 xorgxrdp   - Remote Desktop Protocol (RDP) modules for X.org
 xrdp       - Remote Desktop Protocol (RDP) server
Closes: 882246 884453
Changes:
 xrdp (0.9.4-4) unstable; urgency=high
 .
   [ Dominik George ]
   * Fix (possibly exploitable) high CPU load in ssl_tls_accept.
     (Closes: #884453)
   * Source /etc/profile in startwm. (Closes: #882246)
     + Thanks to Wolfgang Schweer!
   * Update README.Debian.
   * Update bug report instructions.
 .
   [ Thorsten Glaser ]
   * Allow user profile to override /etc/default/locale.
   * Upload to unstable, next upload is likely to idle in NEW for a bit.
   * Disable asm code for i386: xorgxrdp v0.2.4 does not contain the fix.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (MirBSD)
Comment: ☃ ЦΤℱ—8 ☕☂☄
-----END PGP SIGNATURE-----
--- End Message ---