-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 25 May 2025 15:16:34 +0530
Source: xrdp
Binary: xrdp xrdp-dbgsym
Architecture: amd64
Version: 0.9.21.1-1+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) <buildd_amd64-x86-conova-01@buildd.debian.org>
Changed-By: Abhijith PA <abhijith@debian.org>
Description:
 xrdp       - Remote Desktop Protocol (RDP) server
Closes: 1051061 1053284 1076769
Changes:
 xrdp (0.9.21.1-1+deb12u1) bookworm; urgency=high
 .
   * Non-maintainer upload
   * Fix CVE-2023-40184: Improper handling of session establishment
     errors allows bypassing OS-level session restrictions. The
     `auth_start_session` function can return non-zero. PAM error
     which may result in session restrictions such as max concurrent
     sessions per user by PAM (ex ./etc/security/limits.conf) to be
     bypassed (Closes: #1051061)
   * Fix CVE-2023-42822: Access to the font glyphs in xrdp_painter.c
     is not bounds-checked. (Closes: #1053284)
   * Fix CVE-2024-39917:  vulnerability that allows attackers to make
     an infinite number of login attempts. (Closes: #1076769)
Checksums-Sha1:
 327a7afcdade8ad8d10be93f0d16d3c48ad617f7 854796 xrdp-dbgsym_0.9.21.1-1+deb12u1_amd64.deb
 b754001b8f5550fe383d2b61b9000833254cefcd 7986 xrdp_0.9.21.1-1+deb12u1_amd64-buildd.buildinfo
 1e60a0db88fd0d65164a097b0a222745f8e5ad85 490784 xrdp_0.9.21.1-1+deb12u1_amd64.deb
Checksums-Sha256:
 8850001521ccf19d0007e90c580a6f8798b1df497ad7232e0fa2bd716c0d2d49 854796 xrdp-dbgsym_0.9.21.1-1+deb12u1_amd64.deb
 d78ee40ba557d9b73ff123f82d4fe0ca44b4c1236102f6b786e470e86d20521b 7986 xrdp_0.9.21.1-1+deb12u1_amd64-buildd.buildinfo
 6da54bfbe34d88137bdf4e78c5e1d7860184182c3f078f5050c37c6be360f1d7 490784 xrdp_0.9.21.1-1+deb12u1_amd64.deb
Files:
 0599171df8d0bb86ccfe083f30930195 854796 debug optional xrdp-dbgsym_0.9.21.1-1+deb12u1_amd64.deb
 b5e6ba96b49e410215b8ded730599e1e 7986 net optional xrdp_0.9.21.1-1+deb12u1_amd64-buildd.buildinfo
 62fb720259a0e542cc5e4c818f83a1b0 490784 net optional xrdp_0.9.21.1-1+deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEaPzFtKPtF0JrKPV5iZlfn74WV6kFAmg7ehoACgkQiZlfn74W
V6lG2w/+K+mH0+PzKgy0Du16PW4QN4GJV6LM19f6+FMrf6++dW+DpC5pj8UxwEYK
4aK2Bsuv9bK/DvyzA+WdNIOYguek3rat7btfNWarfmStPNLmBFVUJKoiYvt6fS3u
Cf6RIp4apJlvmII502x92YPgQZUVHxrbe6MZ4i2yrlS0h6zQoyO5X/0rU/OWzsGD
F+qsRM8E67bTx/pAcWXPo/F6tX/+zscPIEhadtVsm2mZyd90vvwxhbENCLeVCBc3
hyepeKz2odEYNHos3OMS82fkBLXrmQM/G6LGLqDavUN8PTQdFhfurVScWO4TIL5D
JQcMkYRhGaRlPNhLq53dunq3pp+t82G5j7dP8M3f5aVNZHkZnzmjrDVG1Bxa4lJu
vbguiZ7sgmgTijI1oJDWNWrG7NVFFhcwAv747GnhN0IWzq+egeYKFn2TdLf1jJIM
H3PU3gqnp1rqtnf44aN3HXHf7xW7tpQxwWUjG5pzt90Oza7rrnx3qQwmCsfOZdgc
Fp9d58u5By208EQMQHaUFZQPnFxl7c0G7soRqV4nowXFXOk+qotpKg8yLEJ24eLi
M66yFIsd7SQNIl5Nx3vgLNGM0172Ekm4oJdtDBbGwRFv6ma/VpxRPYSclATWFDDY
XdC8GTWevIdr94U5aBfXWilBMlJl6U7LxFnyqc7VDrlnBQXHS3c=
=nNN4
-----END PGP SIGNATURE-----