Package: xrdp Version: 0.9.4-1 Severity: important Tags: upstream pending Forwarded: https://github.com/neutrinolabs/xrdp/issues/954
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 There is an infinite loop in ssl_tls_accept. It makes xrdp cause very high CPU load, and malicious clients can exploit this by keeping many SSL sessions open in this state. More details in upstream bug tracker. -----BEGIN PGP SIGNATURE----- iQJ4BAEBCABiFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlozougxGmh0dHBzOi8v d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxIcbmlrQG5h dHVyYWxuZXQuZGUACgkQt5o8FqDE8pYvEBAAiwnWk+2aIbHcP+hvGSGuSugJhJwF iiglKO4TF5/s8Iof8U2Tt2CtyNgMOGpjd4cLW9TLkEGKDDH9Z6o/oZ9c8vvjBPay fFD7Nrq7XU2v5+E1LaiWj7wOi8XQmQAc6ID320VFMbMo9gHNJG1u9h/wyV+HsRKQ WSKD0dDXFxN7m2E4ECzwZugeihvPH0o1+f9i2vf4HlAkylkNgCqUesFadf6YDICM 07IZCkU9TT9AJ4LinYH9DhcJmU03mWsjP2lh2hpBFRzjXLjhEojkYD+Y29rQE8RJ J6bYyBGdC22kvdmvDuG9UqjbM0O9fMuefyDVdn2lxEs0f2RgQkH8jOOLYzo7DqcY S0UA8Zaxo8u+mJSnwLoy7+O0Kc5QdnIbfpfRI/JjBtvklMnbGMe+QcyQJ/RsUZuK K9rcg+MKLyO8oAnGtiB3u1b6fCMt4VrGxDia/yoge1QQo340lYzsyvrdNUsR7kkc QvGm2RAI7n0YFWmHhifOUGw6GtCqTfFcU+EGcOY9/ZZjNem2Ki915EYEDXTqq0Z/ qcEz4UQUWCdCyjv9Ik+ZvFAAwmFH+qCHltWmBkbK1jUK6S4v13PmB9k70ZzF59zb VKD6iAKvTihO0dHGtZN9CIhJHpB8z6dLm8hdSJdjfeyXAxvJoh8AUzRUP8uycGXC 1my6qMZiBSXT+/M= =dnOz -----END PGP SIGNATURE-----