Описание
Security update for xrdp
This update for xrdp fixes the following issues:
- CVE-2022-23477: Fixed a buffer overflow for oversized audio format from client (bsc#1206301).
Список пакетов
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAPCAL-Azure
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAPCAL-EC2-HVM
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAPCAL-GCE
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-Azure
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-Azure-LI-BYOS
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-EC2
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAP-GCE
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAPCAL
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAPCAL-Azure
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAPCAL-EC2
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP4-SAPCAL-GCE
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-Azure
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-Azure-LI-BYOS
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-EC2
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAP-GCE
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAPCAL-Azure
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAPCAL-EC2
xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP5-SAPCAL-GCE
xrdp-0.9.13.1-150200.4.18.1
SUSE Enterprise Storage 7
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Enterprise Storage 7.1
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise Module for Basesystem 15 SP4
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise Real Time 15 SP3
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Manager Proxy 4.2
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Manager Retail Branch Server 4.2
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
SUSE Manager Server 4.2
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
openSUSE Leap 15.4
libpainter0-0.9.13.1-150200.4.18.1
librfxencode0-0.9.13.1-150200.4.18.1
xrdp-0.9.13.1-150200.4.18.1
xrdp-devel-0.9.13.1-150200.4.18.1
Ссылки
- Link for SUSE-SU-2023:0151-1
- E-Mail link for SUSE-SU-2023:0151-1
- SUSE Security Ratings
- SUSE Bug 1206301
- SUSE CVE CVE-2022-23477 page
Описание
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:xrdp-0.9.13.1-150200.4.18.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:xrdp-0.9.13.1-150200.4.18.1
Ссылки
- CVE-2022-23477
- SUSE Bug 1206301