Public bug reported: Hello,
We are using Ubuntu 20.04 LTS on our Servers with RDP access through XRDP. We found out via vulnurability scanning that the CVE CVE-2020-4044 is still open in the LTS version. In Debian the bug is already fixed in all codestreams: https://security- tracker.debian.org/tracker/CVE-2020-4044 Is there any news when or if the bugfix will be release to the LTS release 20.04 - I can see the same package version is already updated for 21.04. lsb-release -rd Description: Ubuntu 20.04.3 LTS Release: 20.04 apt show xrdp Package: xrdp Version: 0.9.12-1 Thank you very much for the great work on Ubuntu and for any information regarding this issue. ** Affects: xrdp (Ubuntu) Importance: Undecided Status: Confirmed ** Description changed: Hello, We are using Ubuntu 20.04 LTS on our Servers with RDP access through XRDP. We found out via vulnurability scanning that the CVE CVE-2020-4044 is still open in the LTS version. In Debian the bug is already fixed in all codestreams: https://security- tracker.debian.org/tracker/CVE-2020-4044 - Is there any news when or if the bugfix will be backported to the LTS - release 20.04. + Is there any news when or if the bugfix will be release to the LTS + release 20.04 - I can see the fix is already in this project. lsb-release -rd Description: Ubuntu 20.04.3 LTS Release: 20.04 apt show xrdp Package: xrdp Version: 0.9.12-1 Thank you very much for the great work on Ubuntu and for any information regarding this issue. ** Description changed: Hello, We are using Ubuntu 20.04 LTS on our Servers with RDP access through XRDP. We found out via vulnurability scanning that the CVE CVE-2020-4044 is still open in the LTS version. In Debian the bug is already fixed in all codestreams: https://security- tracker.debian.org/tracker/CVE-2020-4044 Is there any news when or if the bugfix will be release to the LTS - release 20.04 - I can see the fix is already in this project. + release 20.04 - I can see the fix is already in this project ini version + 0.9.12-1.1. lsb-release -rd Description: Ubuntu 20.04.3 LTS Release: 20.04 apt show xrdp Package: xrdp Version: 0.9.12-1 Thank you very much for the great work on Ubuntu and for any information regarding this issue. ** Description changed: Hello, We are using Ubuntu 20.04 LTS on our Servers with RDP access through XRDP. We found out via vulnurability scanning that the CVE CVE-2020-4044 is still open in the LTS version. In Debian the bug is already fixed in all codestreams: https://security- tracker.debian.org/tracker/CVE-2020-4044 Is there any news when or if the bugfix will be release to the LTS - release 20.04 - I can see the fix is already in this project ini version - 0.9.12-1.1. + release 20.04 - I can see the same package version is already updated + for 21.04. lsb-release -rd Description: Ubuntu 20.04.3 LTS Release: 20.04 apt show xrdp Package: xrdp Version: 0.9.12-1 Thank you very much for the great work on Ubuntu and for any information regarding this issue. ** Summary changed: - CVE-2020-4044 + CVE-2020-4044: Backport for 20.04-LTS -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to xrdp in Ubuntu. https://bugs.launchpad.net/bugs/1954639 Title: CVE-2020-4044: Backport for 20.04-LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xrdp/+bug/1954639/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
