Your message dated Wed, 15 Aug 2007 22:39:34 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#418654: fixed in rdesktop 1.5.0-1etch1
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: rdesktop
Version: 1.5.0-1
Severity: grave
Architecture: i386
Debian Release: Stable (etch)
After a recent update on stable, rdesktop segfaults repeatedly and is
completely unusable. The root cause of this issue is a change in libx11-6
(1.0.3-7) which had a recent security fix. The main issue is that the
XCreateImage function has a change which impacts rdesktop (and other
packages that depend on this library).
I'm attaching a patch that fixes this issue (I've tested it and it works
perfectly on etch and is very stable).
The fix is against the xwin.c file (from the original rdesktop source
distribution) in the rdesktop distribution.
Please update this ASAP since this is a critical bug and renders rdesktop
completely unusable unless you downgrade to libx11-6 1.0.3-6.
Please forward the patch upstream.
Thanks.
Narayanan.
*** xwin.c Wed Apr 11 12:31:43 2007
--- rdesktop-1.5.0/xwin.c Mon Aug 7 07:45:44 2006
*************** ui_create_glyph(int width, int height, u
*** 2413,2427 ****
g_create_glyph_gc = XCreateGC(g_display, bitmap, 0, NULL);
image = XCreateImage(g_display, g_visual, 1, ZPixmap, 0, (char *) data,
! width, height, 8, 0);
! /* Patch to prevent Seg Faults - based on changes in libx11
! * to fix a security issue (CVE-2007-1667)
! * See: http://lists.debian.org/debian-x/2007/04/msg00052.html
! * See:
http://www.nabble.com/Bug-418295:-vice-broken-by-libx11-security-update-t3544947.html
! *
! * ORIGINAL: width, height, 8, scanline);
! * NEW : width, height, 8, 0);
! */
image->byte_order = MSBFirst;
image->bitmap_bit_order = MSBFirst;
XInitImage(image);
--- 2413,2419 ----
g_create_glyph_gc = XCreateGC(g_display, bitmap, 0, NULL);
image = XCreateImage(g_display, g_visual, 1, ZPixmap, 0, (char *) data,
! width, height, 8, scanline);
image->byte_order = MSBFirst;
image->bitmap_bit_order = MSBFirst;
XInitImage(image);
*************** ui_desktop_restore(uint32 offset, int x,
*** 3220,3254 ****
{
XImage *image;
uint8 *data;
- int bitmap_pad;
offset *= g_bpp / 8;
data = cache_get_desktop(offset, cx, cy, g_bpp / 8);
if (data == NULL)
return;
- if (g_server_depth == 8)
- {
- bitmap_pad = 8;
- }
- else
- {
- bitmap_pad = g_bpp;
-
- if (g_bpp == 24)
- bitmap_pad = 32;
- }
-
image = XCreateImage(g_display, g_visual, g_depth, ZPixmap, 0,
! (char *) data, cx, cy, bitmap_pad, 0);
! /* Patch to prevent Seg Faults - based on changes in libx11
! * to fix a security issue (CVE-2007-1667)
! * See: http://lists.debian.org/debian-x/2007/04/msg00052.html
! * See:
http://www.nabble.com/Bug-418295:-vice-broken-by-libx11-security-update-t3544947.html
! *
! * ORIGINAL: (char *) data, cx, cy, BitmapPad(g_display), cx * g_bpp /
8);
! * NEW : (char *) data, cx, cy, BitmapPad(g_display), 0);
! */
if (g_ownbackstore)
{
--- 3212,3225 ----
{
XImage *image;
uint8 *data;
offset *= g_bpp / 8;
data = cache_get_desktop(offset, cx, cy, g_bpp / 8);
if (data == NULL)
return;
image = XCreateImage(g_display, g_visual, g_depth, ZPixmap, 0,
! (char *) data, cx, cy, BitmapPad(g_display), cx *
g_bpp / 8);
if (g_ownbackstore)
{
--- End Message ---
--- Begin Message ---
Source: rdesktop
Source-Version: 1.5.0-1etch1
We believe that the bug you reported is fixed in the latest version of
rdesktop, which is due to be installed in the Debian FTP archive:
rdesktop_1.5.0-1etch1.diff.gz
to pool/main/r/rdesktop/rdesktop_1.5.0-1etch1.diff.gz
rdesktop_1.5.0-1etch1.dsc
to pool/main/r/rdesktop/rdesktop_1.5.0-1etch1.dsc
rdesktop_1.5.0-1etch1_i386.deb
to pool/main/r/rdesktop/rdesktop_1.5.0-1etch1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <[EMAIL PROTECTED]> (supplier of updated rdesktop
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 12 Apr 2007 21:34:13 +0000
Source: rdesktop
Binary: rdesktop
Architecture: source i386
Version: 1.5.0-1etch1
Distribution: stable
Urgency: low
Maintainer: Laszlo Boszormenyi (GCS) <[EMAIL PROTECTED]>
Changed-By: Laszlo Boszormenyi (GCS) <[EMAIL PROTECTED]>
Description:
rdesktop - RDP client for Windows NT/2000 Terminal Server
Closes: 418654
Changes:
rdesktop (1.5.0-1etch1) stable; urgency=low
.
* Fix segfault regression caused by libx11-6 security fix (closes: #418654).
Files:
87d119884fa1734561b511aaf69d5163 640 x11 optional rdesktop_1.5.0-1etch1.dsc
cc2f5015084c6903534e1ebc9d12fb0c 18288 x11 optional
rdesktop_1.5.0-1etch1.diff.gz
18e5779071a5841c853ce33d28ab8a6e 122668 x11 optional
rdesktop_1.5.0-1etch1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGIV1+MDatjqUaT90RAn4UAJ4qeOjN9OhtC4Ocd60F15bFbQI/eQCfat79
VW4evO+8loirjZ3ZmFNhOSw=
=F06o
-----END PGP SIGNATURE-----
--- End Message ---
