oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2017-6967 xrdp PAM auth_start_session()

From: Seth Arnold <seth.arnold () canonical com>
Date: Fri, 17 Mar 2017 18:12:02 -0700
Hello, CVE-2017-6967 has been assigned to xrdp for an incorrect placement
of auth_start_session().

Full details are at:
https://github.com/neutrinolabs/xrdp/issues/350
https://github.com/neutrinolabs/xrdp/pull/694
https://github.com/neutrinolabs/xrdp/pull/695
https://bugs.launchpad.net/ubuntu/+source/xrdp/+bug/1672742

I believe this is the change upstream has chosen to use:

https://github.com/neutrinolabs/xrdp/pull/696/commits/44129acd210c803fc8bbcfaf1b0db05e5bb4034f

Thanks

Attachment: signature.asc
Description:

Previous By Date Next
Previous By Thread Next

Current thread: