Source: xrdp Version: 0.9.21.1-1 Severity: important X-Debbugs-Cc: step...@jadevine.org.uk
Dear Maintainer, A new version of xrdp - 0.9.23 - was released on 2023/08/31 which contains an important security fix for CVE-2023-40184: "Improper handling of session establishment errors allows bypassing OS-level session restrictions". I just wanted to check, will this be available in unstable soon and backported to stable? Thanks for your work on maintaining the xrdp package, it's much appreciated! Regards, Stephen Quinney -- System Information: Debian Release: 12.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 6.1.0-12-amd64 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
