Debian -- Security Information -- DSA-5502-1 xrdp

Date: unknown

Location: www.debian.org

DSA-5502-1 xrdp -- security update

Date Reported:
18 Sep 2023
Affected Packages:
xrdp
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 1025879.
In Mitre's CVE dictionary: CVE-2022-23468, CVE-2022-23477, CVE-2022-23478, CVE-2022-23479, CVE-2022-23480, CVE-2022-23481, CVE-2022-23482, CVE-2022-23483, CVE-2022-23484, CVE-2022-23493.
More information:

Multiple security vulnerabilities have been found in xrdp, a remote desktop protocol server. Buffer overflows and out-of-bound writes may cause a denial of service or other unspecified impact.

For the oldstable distribution (bullseye), these problems have been fixed in version 0.9.21.1-1~deb11u1.

We recommend that you upgrade your xrdp packages.

For the detailed security status of xrdp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xrdp