Hi!
Frank Richter wrote:
> --- a/sesman/libscp/libscp_v0.c 2017-12-12 14:07:58.0 +0100
> +++ b/sesman/libscp/libscp_v0.c 2017-12-12 14:09:16.0 +0100
> @@ -203,7 +203,7 @@
>
> /* reading username */
> in_uint16_be(c->in_s, sz);
> -buf[sz]=g_new0(char, sz);
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
On Wed, 2017-12-13 at 17:44 +, Chris Lamb wrote:
> Hi Lucas,
>
> > I will apply your patch, run another round of tests and upload the
> > fixed version.
>
> Any update on this? :) Feels bad (and bad "publicity" of sorts) to
> have known r
Hi Lucas,
> I will apply your patch, run another round of tests and upload the
> fixed version.
Any update on this? :) Feels bad (and bad "publicity" of sorts) to
have known regressions in Debian LTS...!
Best wishes,
--
,''`.
: :' : Chris Lamb
`. `'` la...@debian.or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi Frank,
You were faster than me, seems that you found the problem.
Probably I did not exercise this part of the source code in my tests,
thanks for the report and the provided patch.
I will apply your patch, run another round of tests and upload
Hi,
the following patch fixes the regression, at least for me:
--- a/sesman/libscp/libscp_v0.c 2017-12-12 14:07:58.0 +0100
+++ b/sesman/libscp/libscp_v0.c 2017-12-12 14:09:16.0 +0100
@@ -203,7 +203,7 @@
/* reading username */
in_uint16_be(c->in_s, sz);
-buf[sz]=g_n
Hi again,
After the update xrdp-sesman started to segfault in libscp:
Thanks for the report. I did not catch this segfault during my tests.
Thanks for investigation.
I have a spare server with same configuration and will try to reproduce
the issue.
I can reproduce the error on this spa
Hi,
After the update xrdp-sesman started to segfault in libscp:
Thanks for the report. I did not catch this segfault during my tests.
Thanks for investigation.
I have a spare server with same configuration and will try to reproduce
the issue.
Best regards,
Frank.
--
Frank Richter
Le
Hi,
> Hi Frank,
>
>> After the update xrdp-sesman started to segfault in libscp:
>
Thanks for the report. I did not catch this segfault during my tests.
> Thank you for the report. I'm adding Lucas Kanashiro to the CC as
> he performed this upload and will likely be able to fix this faster.
>
>
Hi,
> You can't see the CVE-2017-16927.patch? I do not have my laptop with me
> right now, but I will check the patch and investigate the issue ASAP.
Great stuff. (I can see it now — it must have caught me pre-coffee...!)
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` la
Hi Frank,
> After the update xrdp-sesman started to segfault in libscp:
Thank you for the report. I'm adding Lucas Kanashiro to the CC as
he performed this upload and will likely be able to fix this faster.
(Lucas, I can't immediately see the patch under debian/patches?)
Best wishes,
--
Dear Debian LTS Team,
today we updated xrdp in wheezy/lts to 0.5.0-2+deb7u2.
Architecture is i386.
Release is 7.11 with all upgrades applied.
After the update xrdp-sesman started to segfault in libscp:
Dec 12 07:54:33 flts kernel: [7210262.262235] xrdp-sesman[27580]:
segfault at 9 ip f
11 matches
Mail list logo
