-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5502-1 security@debian.org https://www.debian.org/security/ Markus Koschany September 18, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : xrdp CVE ID : CVE-2022-23468 CVE-2022-23477 CVE-2022-23478 CVE-2022-23479 CVE-2022-23480 CVE-2022-23481 CVE-2022-23482 CVE-2022-23483 CVE-2022-23484 CVE-2022-23493 Debian Bug : 1025879 Multiple security vulnerabilities have been found in xrdp, a remote desktop protocol server. Buffer overflows and out-of-bound writes may cause a denial of service or other unspecified impact. For the oldstable distribution (bullseye), these problems have been fixed in version 0.9.21.1-1~deb11u1. We recommend that you upgrade your xrdp packages. For the detailed security status of xrdp please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xrdp Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org