-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 25 May 2025 15:16:34 +0530
Source: xrdp
Binary: xrdp xrdp-dbgsym
Architecture: i386
Version: 0.9.21.1-1+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Abhijith PA <abhijith@debian.org>
Description:
 xrdp       - Remote Desktop Protocol (RDP) server
Closes: 1051061 1053284 1076769
Changes:
 xrdp (0.9.21.1-1+deb12u1) bookworm; urgency=high
 .
   * Non-maintainer upload
   * Fix CVE-2023-40184: Improper handling of session establishment
     errors allows bypassing OS-level session restrictions. The
     `auth_start_session` function can return non-zero. PAM error
     which may result in session restrictions such as max concurrent
     sessions per user by PAM (ex ./etc/security/limits.conf) to be
     bypassed (Closes: #1051061)
   * Fix CVE-2023-42822: Access to the font glyphs in xrdp_painter.c
     is not bounds-checked. (Closes: #1053284)
   * Fix CVE-2024-39917:  vulnerability that allows attackers to make
     an infinite number of login attempts. (Closes: #1076769)
Checksums-Sha1:
 5574ec5b86a713a55392964f6589d25ef5ad871d 730700 xrdp-dbgsym_0.9.21.1-1+deb12u1_i386.deb
 564d69554397e36cbebbe023c14bcf54fe174405 7910 xrdp_0.9.21.1-1+deb12u1_i386-buildd.buildinfo
 264a3d5f67c0f04436ec7c39489c002671811f20 523340 xrdp_0.9.21.1-1+deb12u1_i386.deb
Checksums-Sha256:
 dba23044bd672ed14890dc6e48457ae835284eff0b30e79f67849fb9d67e3507 730700 xrdp-dbgsym_0.9.21.1-1+deb12u1_i386.deb
 e4597bf9b259c83a8c01b89b2118d1b3db5b1aa05307cc914af49b6d48bb6bf5 7910 xrdp_0.9.21.1-1+deb12u1_i386-buildd.buildinfo
 0e7c5408badaaa7e4755686fe198c77a18aba72c68f0190560c89d4aaef5a01c 523340 xrdp_0.9.21.1-1+deb12u1_i386.deb
Files:
 e0bf0a451a10a14da696cbe1c518621a 730700 debug optional xrdp-dbgsym_0.9.21.1-1+deb12u1_i386.deb
 ad50ab44cbe9126c3e4c6363b27aead5 7910 net optional xrdp_0.9.21.1-1+deb12u1_i386-buildd.buildinfo
 c3a16cc2d15be796f54b5166a8694938 523340 net optional xrdp_0.9.21.1-1+deb12u1_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErwLLVsiCiGZggzpHJuP6X4A0XeIFAmg7emYACgkQJuP6X4A0
XeJnxxAApLv5d0KzS7D6URpHU57LmDUVvkQr69tMTNuMnV13x2fzGBrbeXKFg3zU
uFGBQPVFJvIjVvdsxEIRXjIS4n480uwDdLdZvSGWxNQcaRO90rSFhIjDPq3+EB4g
6nbh311VVx2p66/iF2wm+R3n/b3GxELZpA/R/FGqKFQ4XzLjSTK0Qyqbkt3pFv2H
1ETYdbRAGXFfI2mkfjYj5pUG9ZUCSKf35Fl48VJmL7zgcJW/iNPBlEQyH91fY0sU
GsgVU2woq2Wp6H+eVRN1pOH3lttQBA4jA6dupHE358ryzHm04Rl0+rWtancrVWs4
yEi6fbEpwGafjSKroLtfjT1ajtGKuBvlJWQBt0mTk/UVOEmPvFwwfqGeM0Swntf8
lH+HSFO1tdNPy30WdgH3y2OL7D234maSuStzrIy/mZLS8OKt25Nq2p2T2EWgSQ8d
QEBlx7M5P5kJBiR4K2tZN6bI4hNS3fcpQV6K/Laqz54aS+k8qNBdutjBqW7amhLt
8axAi9TbQjLXMce/U3McsMHXjZPKGC39/NOamFIDYqPeoIZyGtnletUJnyRYgsoT
4RJNAGUpWsYPzNEZO94IX4jz8abgvKJr79DDFzrbjsaUXYcXjvyiZo+MDH8WQJxc
Y3oAG/cORaoQc7BEqdZlqXfz8+UX6Y9IyJaap7YtQef9ifiTAng=
=2WlZ
-----END PGP SIGNATURE-----