Bug#878996: marked as done (stretch-pu: package xrdp/0.9.1-9)

Sat, 09 Dec 2017 02:59:04 -0800 

Your message dated Sat, 09 Dec 2017 10:46:36 +0000
with message-id <1512816396.1994.30.ca...@adam-barratt.org.uk>
and subject line Closing bugs for updates included in stretch point release
has caused the Debian Bug report #878996,
regarding stretch-pu: package xrdp/0.9.1-9
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
878996: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878996
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Dear stable release managers,

I would like to update xrdp in stretch.

xrdp 0.9.1-9 has a bug marked as important in the BTS, causing xrdp to
go into an endless loop whewn shutting down an SSL context and causing
very high load on the system when it does.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876976

Find attached the debdiff between the current stable version and the
proposed update.

Cheers,
Nik

- -- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 
'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.12.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en 
(charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)

-----BEGIN PGP SIGNATURE-----

iQJ4BAEBCABiFiEEPJ1UpHV1wCb7F/0mt5o8FqDE8pYFAlnnJwkxGmh0dHBzOi8v
d3d3LmRvbWluaWstZ2VvcmdlLmRlL2dwZy1wb2xpY3kudHh0LmFzYxIcbmlrQG5h
dHVyYWxuZXQuZGUACgkQt5o8FqDE8pZwuRAApyqFBZMpTFICL5NOrVXnC43+W0I5
q2ft6ukZ+9nhSMYsFCohxtqthfzn3YW2CcSHBmfk5Ig/+UST+zARiw48qM+a0/pW
Wr9gsK2UMlnSve1R/4kw5NKfFfAxTF1L+JGvvAbEwfsM42jLdQkQOb/7uc8oe+bE
OEKs+HvU5PcsAGv4beoLANtWzikg1nIoukppyRPaZx3HY3iGZv5NVRmrY68mWYHM
/Z8dv4spg6qpCOt8PrMmIe7K2SbS4apUKNDjbgh/BFAkHSKQs3xpBKeGmtFak4oM
mc2GmvHfcDG74qqNOn0Z/NwKaQhBUWjEx/Ok45ctNWcKObk5WZ02G5zrhYz7K7J6
Y0QKoC+f1E8zH0iQAhW80AaOIFZfT1OonNLpxQcc/JECQYSIxZsr/e6EAEeQWCeV
OUCLZh/7tBpnRwzXKAEr36QGlKfyjtchCnbgfFO+2yiaOIc2mn8Lx5QgSUnv+vlV
HGqVvdtZecDKz862zKew495Xuf16gBxg95zS5sfKzLEG+xzspr41Pve+QC25rJry
BV3OsrS4IhpMaOUQEyJhY+AncWX0ZvWQraPF7Ise5YWiI5sjIFGmQkjqjoT2QiB/
pFYnOUaPv7zkPaBI3NL4+GZyMskPba16gnL0032HrIRhFdAerXd6bUBtX50Gq9FF
jfjCKuq2/VZbMzY=
=z88f
-----END PGP SIGNATURE-----

diff -Nru xrdp-0.9.1/debian/changelog xrdp-0.9.1/debian/changelog
--- xrdp-0.9.1/debian/changelog 2017-05-04 18:59:10.000000000 +0200
+++ xrdp-0.9.1/debian/changelog 2017-10-18 11:56:31.000000000 +0200
@@ -1,3 +1,11 @@
+xrdp (0.9.1-9+deb9u1) stable; urgency=medium
+
+  * Fix high CPU load on SSL shutdown. (Closes: #876976)
+    + xrdp could in some situations cause permanent high load on a
+      system if an SSL shutdown got into an endless loop.
+
+ -- Dominik George <n...@naturalnet.de>  Wed, 18 Oct 2017 11:56:31 +0200
+
 xrdp (0.9.1-9) unstable; urgency=high
 
   * Revisit incomplete fix for CVE-2017-6967. (Closes: #858143)
diff -Nru xrdp-0.9.1/debian/patches/fix-876976.patch 
xrdp-0.9.1/debian/patches/fix-876976.patch
--- xrdp-0.9.1/debian/patches/fix-876976.patch  1970-01-01 01:00:00.000000000 
+0100
+++ xrdp-0.9.1/debian/patches/fix-876976.patch  2017-10-18 11:53:29.000000000 
+0200
@@ -0,0 +1,16 @@
+From: Jay Sorg <jay.s...@gmail.com>
+Origin: 
https://github.com/neutrinolabs/xrdp/commit/2c96908ea500880c71d3593dd2b2b5b5275bdbf5
+Subject: if SSL_shutdown fails, only call one more time
+Bug: https://github.com/neutrinolabs/xrdp/issues/872
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876976
+--- a/common/ssl_calls.c
++++ b/common/ssl_calls.c
+@@ -754,7 +754,7 @@ ssl_tls_disconnect(struct ssl_tls *self)
+         return 0;
+     }
+     status = SSL_shutdown(self->ssl);
+-    while (status != 1)
++    if (status != 1)
+     {
+         status = SSL_shutdown(self->ssl);
+         if (status <= 0)
diff -Nru xrdp-0.9.1/debian/patches/series xrdp-0.9.1/debian/patches/series
--- xrdp-0.9.1/debian/patches/series    2017-04-27 12:48:33.000000000 +0200
+++ xrdp-0.9.1/debian/patches/series    2017-10-18 11:50:09.000000000 +0200
@@ -10,3 +10,4 @@
 kb_jp.diff
 highres.diff
 cve-2017-6967.diff
+fix-876976.patch

--- End Message ---
--- Begin Message --- 
Version: 9.3

Hi,

Each of the updates referenced in these bugs was included in this
morning's stretch point release. Thanks!

Regards,

Adam

--- End Message ---

Reply via email to