Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for xrdp (Important) |
Description: |
This update for xrdp fixes the following issues:
Security issues fixed:
- CVE-2013-1430: When successfully logging in using RDP into an xrdp session, the file ~/.vnc/sesman_${username}_passwd was created. Its content was the equivalent of the user's cleartext password, DES encrypted with a known key (bsc#1015567).
- CVE-2017-16927: The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through used an untrusted integer as a write length, which could lead to a local denial of service (bsc#1069591).
- CVE-2017-6967: Fixed call of the PAM function auth_start_session(). This led to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass (bsc#1029912).
Other issues addressed:
- The KillDisconnected option for TigerVNC Xvnc sessions is now supported (bsc#1101506)
- Fixed an issue with delayed X KeyRelease events (bsc#1100453)
- Force xrdp-sesman.service to start after xrdp.service. (bsc#1014524)
- Avoid use of hard-coded sesman port. (bsc#1060644)
- Backport upstream commit 5575197, sesman should stop setting LANG and let initialization scripts take care of it (bsc#1023988).
- Backport upstream patches for 32bpp support (bsc#1022098).
- Fixed a regression connecting from Windows 10. (bsc#1090174)
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1014524 1015567 1022098 1023988 1029912 1054413 1060644 1069591 1073879 1090174 1100453 1101506 1104129 1104301 1106171 1106172 1106173 1106195 1107410 1107411 1107412 1107413 1107420 1107421 1107422 1107423 1107426 1107581 1108027 1109105 1111622 1122668 1126068 1126069 1133185 1139073 1141035 1141670 1144903 1145092 1153108 1153158 1153161 1155988 1159913 1163933 1165631 1165787 1172265 1172906 1172935 1173197 1174421 761500 922448 929736 935252 945455 947357 961596 967128 CVE-2013-1430 CVE-2014-0172 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-9447 CVE-2015-2296 CVE-2015-9542 CVE-2017-16927 CVE-2017-6967 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-15908 CVE-2018-15909 CVE-2018-15910 CVE-2018-15911 CVE-2018-16509 CVE-2018-16510 CVE-2018-16511 CVE-2018-16513 CVE-2018-16539 CVE-2018-16540 CVE-2018-16541 CVE-2018-16542 CVE-2018-16543 CVE-2018-16585 CVE-2018-16802 CVE-2018-17183 CVE-2018-18074 CVE-2018-5383 CVE-2018-5740 CVE-2018-5743 CVE-2018-5745 CVE-2019-10208 CVE-2019-10220 CVE-2019-11135 CVE-2019-11139 CVE-2019-17133 CVE-2019-5108 CVE-2019-6465 CVE-2020-10188 CVE-2020-14093 CVE-2020-14154 CVE-2020-14954 CVE-2020-15705 CVE-2020-1749 SUSE-SU-2019:0466-1 SUSE-SU-2019:1860-1 SUSE-SU-2019:2159-1 SUSE-SU-2019:2988-1 SUSE-SU-2020:1117-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:1792-1 SUSE-SU-2020:1794-1 SUSE-SU-2020:2308-1
|
Platform(s): | openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed
AND Package Information
MozillaThunderbird-52.7-lp150.2 is installed
OR MozillaThunderbird-translations-common-52.7-lp150.2 is installed
OR MozillaThunderbird-translations-other-52.7-lp150.2 is installed
|
Definition Synopsis |
openSUSE Leap 15.1 is installed
AND Package Information
libIlmImf-2_2-23-2.2.1-lp151.4.6 is installed
OR libIlmImf-2_2-23-32bit-2.2.1-lp151.4.6 is installed
OR libIlmImfUtil-2_2-23-2.2.1-lp151.4.6 is installed
OR libIlmImfUtil-2_2-23-32bit-2.2.1-lp151.4.6 is installed
OR openexr-2.2.1-lp151.4.6 is installed
OR openexr-devel-2.2.1-lp151.4.6 is installed
OR openexr-doc-2.2.1-lp151.4.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
bind-9.9.9P1-63.12 is installed
OR bind-chrootenv-9.9.9P1-63.12 is installed
OR bind-doc-9.9.9P1-63.12 is installed
OR bind-libs-9.9.9P1-63.12 is installed
OR bind-utils-9.9.9P1-63.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
ghostscript-9.25-23.13 is installed
OR ghostscript-x11-9.25-23.13 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND xrdp-0.9.0~git.1456906198.f422461-16.9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
elfutils-0.158-6 is installed
OR libasm1-0.158-6 is installed
OR libasm1-32bit-0.158-6 is installed
OR libdw1-0.158-6 is installed
OR libdw1-32bit-0.158-6 is installed
OR libebl1-0.158-6 is installed
OR libebl1-32bit-0.158-6 is installed
OR libelf1-0.158-6 is installed
OR libelf1-32bit-0.158-6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
ghostscript-9.27-23.28 is installed
OR ghostscript-x11-9.27-23.28 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
MozillaFirefox-68.2.0-109.95 is installed
OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
kgraft-patch-4_4_162-94_69-default-7-2 is installed
OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND mutt-1.10.1-55.6 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
dbus-1-glib-0.100.2-3 is installed
OR dbus-1-glib-32bit-0.100.2-3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
krb5-appl-1.0.3-3.3 is installed
OR krb5-appl-clients-1.0.3-3.3 is installed
OR krb5-appl-servers-1.0.3-3.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
ghostscript-9.27-23.28 is installed
OR ghostscript-x11-9.27-23.28 is installed
|