Changelog for
libpainter0-0.9.23.1-163.4.i586.rpm :
* Wed Oct 18 2023 Dominique Leuenberger
- Update to version 0.9.23.1:
  + Security fix: Unchecked access to font glyph info (CVE-2023-42822).
- Changes from version 0.9.23:
  + General announcement: Running xrdp and xrdp-sesman on separate hosts is still supported by this release, but is now deprecated. This is not secure. A future v1.0 release will replace the TCP socket used between these processes with a Unix Domain Socket, and then cross-host running will not be possible.
  + Security fix: Improper handling of session establishment errors allows bypassing OS-level session restrictions (CVE-2023-40184).
  + Bug fixes:
    - Environment variables set by PAM modules are no longer restricted to around 250 characters.
    - X11 clipboard clients now no longer hang when requesting a clipboard format which isn't available.
* Thu Aug 03 2023 Linnaea Lavia
- Update to version 0.9.22
  + New features
    - Empty passwords are no longer automatically passed through to sesman for authentication
    - Don't try to listen on the scard socket if it isn't there
    - The directory where PAM configuration files are installed can now be set with --with-pamconfdir
    - Sesman can now be configured to ignore alternate shells passed from the client
    - Allow longer UserWindowManager strings
    - openSuSE Tumbleweed move to /usr/lib/pam.d is now supported in the installation scripts
    - VNC backend session now supports extra mouse buttons 6, 7 and 8
  + Bug fixes
    - Minor documentation fixes
    - Memory management fixes to list module
    - Fix some noise when MP3/AAC are in use and some logging improvements
    - Fix potential NULL dereferences in chansrv
    - An erroneous free in the smartcard handling code has been removed
    - Passwords are no longer left on the heap in sesman
    - Set permissions on pcsc socket dir to owner only
  + Security fixes
    - CVE-2022-23468
    - CVE-2022-23477
    - CVE-2022-23478
    - CVE-2022-23479
    - CVE-2022-23480
    - CVE-2022-23481
    - CVE-2022-23482
    - CVE-2022-23483
    - CVE-2022-23484
    - CVE-2022-23493
- Drop upstreamed patches:
  xrdp-CVE-2022-23468.patch
  xrdp-CVE-2022-23477.patch
  xrdp-CVE-2022-23478.patch
  xrdp-CVE-2022-23479.patch
  xrdp-CVE-2022-23480.patch
  xrdp-CVE-2022-23481.patch
  xrdp-CVE-2022-23482.patch
  xrdp-CVE-2022-23483.patch
  xrdp-CVE-2022-23484.patch
  xrdp-CVE-2022-23493.patch
  xrdp-make-pamconfdir-configurable.patch
  xrdp-update-pam.d-path.patch
* Tue Jun 06 2023 Dominique Leuenberger - Do not call %stop_on_removal and %restart_on_update in %preun/%postun: those macros would require at least some %parameters and actually are the same as the already used %%service_del_preun and %service_del_postun.
* Wed Mar 08 2023 Yifan Jiang - Enable --with-pamconfdir=/usr/lib/pam.d on Tumbleweed (gh#neutrinolabs/xrdp!2552 bsc#1208121).
* Wed Mar 08 2023 Yifan Jiang
- Add xrdp-make-pamconfdir-configurable.patch: Apply upstream implementation and introduce --with-pamconfdir at build time (gh#neutrinolabs/xrdp!2552 bsc#1208121).
- Drop xrdp-fix-search-pam-vendor-dir.patch
* Mon Feb 13 2023 Yifan Jiang - Add xrdp-fix-search-pam-vendor-dir.patch: Search pam configuration file in the vendor directory /usr/lib/pam.d/ (bsc#1208121).
* Mon Jan 16 2023 Stefan Schubert - Migration of PAM settings to /usr/lib/pam.d.
* Tue Jan 10 2023 Daike Yu
- xrdp-CVE-2022-23477.patch (bsc#1206301)
  + Buffer overflow in audin_send_open() function
* Wed Dec 28 2022 Daike Yu
- Security fixes:
  + xrdp-CVE-2022-23468.patch (bsc#1206300)
    * Buffer overflow in xrdp_login_wnd_create()
  + xrdp-CVE-2022-23478.patch (bsc#1206302)
    * Out of Bound Write in xrdp_mm_trans_process_drdynvc_chan
  + xrdp-CVE-2022-23479.patch (bsc#1206303)
    * Buffer overflow in xrdp_mm_chan_data_in() function
  + xrdp-CVE-2022-23480.patch (bsc#1206306)
    * Buffer overflow in devredir_proc_client_devlist_announce_req
  + xrdp-CVE-2022-23481.patch (bsc#1206307)
    * Out of Bound Read in xrdp_caps_process_confirm_active()
  + xrdp-CVE-2022-23482.patch (bsc#1206310)
    * Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE()
  + xrdp-CVE-2022-23483.patch (bsc#1206311)
    * Out of Bound Read in libxrdp_send_to_channel()
  + xrdp-CVE-2022-23484.patch (bsc#1206312)
    * Integer Overflow in xrdp_mm_process_rail_update_window_text()
  + xrdp-CVE-2022-23493.patch (bsc#1206313)
    * Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close()
* Mon Dec 05 2022 Daike Yu - Make xrdp-update-pam.d-path.patch apply to all distributions (bsc#1203468)
* Mon Nov 07 2022 Daike Yu
- Add xrdp-update-pam.d-path.patch (bsc#1203468)
  + Update pam.d path in install scripts to allow correct rule guess.
* Tue Oct 25 2022 Michael Gorse
- Update to version 0.9.20
  + New features
    - Mitigation for too fast vertical scroll has been implemented.
  + Bug fixes
    - Windows RDS compatibility has been improved
    - Update xrdpapi simple example to work with new logging
    - sesman: fix spacing in log
    - Fix MSTSC crashes when resolution is changed by maximizing on a different monitor
    - Mark count with unused attribute
    - Simple maintenance improvements
* Sun May 15 2022 Sarah Kriesch
- Update to version 0.9.19
  + New features
    - loongarch support
    - Improved Fail2ban support
    - Both inbound and outbound clipboards can now be restricted for text, files or images
    - Versions 0.13 and later of checklib can undefine the pre-processor symbol HAVE_STDINT_H
    - The OpenSSL 3 EVP interface is now fully supported
    - The logging of TLS/non-TLS security negotiation has been improved
    - Unified and improved logging
    - Status values for the DRDYNVC channel are now available in libxrdp/xrdp_channel.h
    - Backgrounds and logos on the login screen can now be zoomed and scaled
    - The performance settings for NeutrinoRDP can be now configured
    - clipboard: log file transfer for the purpose of audit
    - Client's Keyboard layout now can be overridden by xrdp configuration for debugging purposes
    - On-the-fly resolution change now supported for Xvnc and Xorg
    - xrdp can now use key algorithms other than RSA for TLS
    - chansrv can now work on DISPLAY=:0 so it can be used with x11vnc/Vino/etc sessions
  + Bug fixes
    - Privilege escalation on xrdp-sesman: CVE-2022-23613
    - Some situations where zombie processes could exist have been resolved
    - Null-pointer exceptions which can happen in the logging module addressed
    - Some minor logging errors have been corrected
    - The signal handling in sesman has been reworked to prevent race conditions when a child exits
    - Logging is improved for security protocol level decisions
    - Failure to attach to the memory area shared with xorgxrdp now logged
    - Remote drive redirection now works if printer redirection is also requested by the client
    - config value has been added which allows copy-pasting of files to work with Nautilus for GNOME 3 versions >= 3.29.92
    - Fix some regressions in sesman auth modules
    - Fix TS_PLAY_SOUND_PDU_DATA to set the correct frequency and duration
    - Fix password leakage to logs in NeutrinoRDP module
- Remove *.txt as docs because of files not found (improvements in man pages)
* Fri Mar 25 2022 Scott Bradnick - Adding 'BuildRequires:fuse-devel' and '--enable-fuse' to configure so that hyper-v-enhanced-session package 'shared-drives' (and general copy and paste of files) works correctly.
* Fri Feb 04 2022 Dominique Leuenberger
- Rework files section: do not add config(noreplace) marker on the directory /etc/xrdp, but only on the content of the directory.
  + the config(noreplace) marker on the dir creates a rpm metadata marker, which can be identified as conflicting with other packages also owning /etc/xrdp, without the marker
  + The re-org of the files section happens to also fix warnings about files listed twice.
* Wed Aug 11 2021 Daike Yu - Fix crash in xrdp-fate318398-change-expired-password.patch (bsc#1187258)
* Wed Jan 06 2021 Felix Zhang
- Update to version 0.9.15
  + New features
    - Allow token sign in without autologon for SSO (#1667 #1668)
    - Norwegian keyboard support (#1675)
    - Improved config support for chansrv (#1635)
    - Unified chansrv, sesman and libxrdp logging (#1633 #1708 [#1738])
    - Support SUSE move to /usr/etc (#1702)
    - Parameters may now be specified for user-specified shell (#1270 #1695)
    - xrdp executables now allow alternative config files to be specified with -c (#1588 #1650 #1651)
    - sesrun improvements (#1741)
    - Drive redirection location can now be specified (#1048)
  + Bug fixes
    - Additional buffer overflow checks (#1662)
    - genkeymap array size conflict fixed (#1691)
    - Buffering issue with neutrinordp over a slow link fixed (#1608 1634)
    - Prevent PAM info message from causing authentication failure (#1727)
    - Try harder to clean up socket files on session exit (#1740 [#1756])
    - xrdp-chansrv become defunct in docker while file copy (#1658)
- Drop xrdp-buildfix.patch: fixed upstream
- Drop xrdp-default-config.patch. Add patched sources xrdp.ini and sesman.ini to avoid frequent rebases
- Drop xrdp-usr-etc-support.patch: fixed upstream
- Rebase xrdp-avahi.diff
- Rebase xrdp-fate318398-change-expired-password.patch
* Mon Oct 19 2020 Yifan Jiang - Use %license to pack up COPYING in spec
* Mon Oct 19 2020 Yifan Jiang
- Add xrdp-usr-etc-support.patch: Additionally support /usr/etc/X11/Xsession in startwm.sh (bsc#1177779) Author: Stefan Dirsch
- Rebase Update xrdp-bsc965647-allow-admin-choose-desktop.patch
* Fri Sep 18 2020 Felix Zhang - Add xrdp-buildfix.patch: fix a declaration conflict #1691
* Mon Sep 14 2020 Felix Zhang
- Update to version 0.9.14
  + New features
    - Multi monitor and resize support for Xvnc backend #1343
      For more details see https://github.com/neutrinolabs/xrdp/wiki/Xvnc-backend-:-Multi-monitor-and-resize-support
    - Support Programmer Dvorak Keyboard #1663
  + Bug fixes
    - Fix odd shift key behavior (workaround) #397 #1522
    - Fix internal username/password buffer is smaller than RDP protocol specification #1648 #1653
    - Fix possible memory out-of-bounds accesses #1549
    - Fix memory allocation overflow #1557
    - Prevent chansrv input channels being scanned during a server reset #1595
    - Ignore TS_MULTIFRAGMENTUPDATE_CAPABILITYSET from client if fp disabled #1593
  + Known issues
    - FreeRDP 2.0.0-rc4 or later might not be able to connect to xrdp due to xrdp's bad-mannered behaviour, add +glyph-cache option to FreeRDP to connect #1266
    - Audio redirection by MP3 codec doesn't sound with some client, use AAC instead #965
- Drop xrdp-fate319683-allow-vnc-resizing.patch: fixed upstream
- Rebase xrdp-default-config.patch
- Rebase xrdp-disable-8-bpp-vnc-support.patch
- Rebase xrdp-fate318398-change-expired-password.patch
* Tue Aug 11 2020 Yifan Jiang
- Update xrdp-bsc965647-allow-admin-choose-desktop.patch:
  + Fallback the session to icewm when a selected desktop environment is not found (bsc#1171415)
  + Support plasma session for Leap 15.2
  + Give more informative comments in start_wm.sh
* Fri Jul 10 2020 Yifan Jiang - Update xrdp.keyring according to: https://github.com/neutrinolabs/xrdp/issues/1627
* Thu Jul 02 2020 Yifan Jiang
- Update to version 0.9.13.1
  + This is a security fix release that includes fixes for the following local buffer overflow vulnerability (bsc#1173580): https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4044
- Rebase xrdp-fate318398-change-expired-password.patch
* Wed Jun 17 2020 Dominique Leuenberger - Use %{_libexecdir} to install the legacy initscript actions to.
* Fri Apr 24 2020 Yifan Jiang - Enable SLE only patches for Leap (jsc#SLE-11850).
* Tue Mar 24 2020 QK ZHU
- Update xrdp-bsc965647-allow-admin-choose-desktop.patch:
  + Set the default session to GNOME Session for SLE.
  + Update the variables to launch SLE-Classic Session. (bsc#1166746).
* Tue Mar 24 2020 QK ZHU - Update xrdp-bsc965647-allow-admin-choose-desktop.patch: Add `export XDG_SESSION_TYPE=x11` in startwm.sh for SLE, since lacking this variable in GNOME 3.34 causes GNOME crash (bsc#1159257).
* Thu Mar 12 2020 Felix Zhang
- Update to version 0.9.13
  + Bug fixes: some regressions on drive redirection #1469 #1487 [#1505] #1507
  + Support mousex button 8/9 #1478
- Update to version 0.9.12
  + Bug fixes
    - Fix "The log reference is NULL" error when sesman startup [#1425]
    - Fix behavior when shmem_id changes #1439
    - Make vsock config accept -1 for cid and port #1441
    - Cleanup refresh rect and check stream bounds #1437
    - Significant improvements in drive redirection #1449
  + Other changes
    - Proprietary microphone redirection via rdpsnd is now default off RDP compatible microphone redirection is on instead #1427
    - Skip connecting to chansrv when no channels enabled #1393
    - Add openSUSE's pam rules (boo#1156094, #1442)
    - Do not terminate xrdp daemon when caught SIGHUP #1319
- Known issues
  + FreeRDP 2.0.0-rc4 or later might not be able to connect to xrdp due to xrdp's bad-mannered behaviour, add `+glyph-cache` option to FreeRDP to connect #1266
  + Audio redirection by MP3 codec doesn't sound with some client, use AAC instead #965
- Drop xrdp-mkpamrules-support-usr-etc-distconfdir.patch: Fixed upstream
* Wed Mar 11 2020 Felix Zhang - Update xrdp-avahi.diff: Fix implicit definitions errors.
* Sat Feb 08 2020 Cristian Rodríguez - Build with --enable-vsock so xrdp can be used with hyper-v enhanced session mode.