Bug#858143: fix is not complete

Dominik George nik at naturalnet.de
Thu Apr 27 10:37:22 UTC 2017

Control: reopen -1


> I'm investigated content of debian/patches/cve-2017-6967.diff from version
> 0.9.1-8 in unstable and by comparison with https://github.com/neutrinolabs/xrdp/commit/4b8a33e087ee9cf5556b40b717cd7e8ff243b3c3
> it is missing important sesman/session.c part of patch.

You are right, a part went missing when rebasing.

Please have a look at the new patch now: https://anonscm.debian.org/cgit/pkg-remote/xrdp.git/tree/debian/patches/cve-2017-6967.diff

> The version 0.9.2 would be much better solution, because it solves many more
> problems.

I know, but 0.9.2 won't get a freeze exception.


PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17  FD26 B79A 3C16 A0C4 F296

Dominik George · Hundeshagenstr. 26 · 53225 Bonn
Phone: +49 228 92934581 · https://www.dominik-george.de/

Teckids e.V. · FrOSCon e.V.
Fellowship of the FSFE · Piratenpartei Deutschland
Opencaching Deutschland e.V. · Debian Maintainer

LPIC-3 Linux Enterprise Professional (Security)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 902 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-remote-team/attachments/20170427/57cf1a99/attachment.sig>

More information about the pkg-remote-team mailing list