Debian Security Advisory
DSA-5502-1 xrdp -- security update
- Date Reported:
- 18 Sep 2023
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 1025879.
In Mitre's CVE dictionary: CVE-2022-23468, CVE-2022-23477, CVE-2022-23478, CVE-2022-23479, CVE-2022-23480, CVE-2022-23481, CVE-2022-23482, CVE-2022-23483, CVE-2022-23484, CVE-2022-23493.
- More information:
Multiple security vulnerabilities have been found in xrdp, a remote desktop protocol server. Buffer overflows and out-of-bound writes may cause a denial of service or other unspecified impact.
For the oldstable distribution (bullseye), these problems have been fixed in version 0.9.21.1-1~deb11u1.
We recommend that you upgrade your xrdp packages.
For the detailed security status of xrdp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xrdp