[packages/xrdp] up to 0.9.14 (fixes CVE-2022-4044)

atler atler at pld-linux.org
Fri Nov 6 20:32:31 CET 2020 

commit 782957fb7f27db34d54811e38f1f6651414486ca
Author: Jan Palus <atler at pld-linux.org>
Date:   Fri Nov 6 20:30:35 2020 +0100

    up to 0.9.14 (fixes CVE-2022-4044)

 config.patch |  6 +++---
 quiet.patch  |  6 +++---
 xrdp.spec    | 18 ++++++++++++++----
 3 files changed, 20 insertions(+), 10 deletions(-)
---
diff --git a/xrdp.spec b/xrdp.spec
index 136a4f5..de69750 100644
--- a/xrdp.spec
+++ b/xrdp.spec
@@ -5,12 +5,12 @@
 Summary:	Remote desktop server
 Summary(pl.UTF-8):	Serwer remote desktop
 Name:		xrdp
-Version:	0.9.10
+Version:	0.9.14
 Release:	1
 License:	GPL
 Group:		X11/Applications/Networking
 Source0:	https://github.com/neutrinolabs/xrdp/releases/download/v%{version}/%{name}-%{version}.tar.gz
-# Source0-md5:	f2cb9b1f502b88c958de3a424ed6baa9
+# Source0-md5:	6066c2d8d2bb0883f14ab2fafb968404
 Source1:	%{name}.init
 Source2:	%{name}.pamd
 Source3:	%{name}.README.PLD
@@ -26,10 +26,13 @@ BuildRequires:	libtool
 BuildRequires:	openssl-devel
 BuildRequires:	pam-devel
 BuildRequires:	rpmbuild(macros) >= 1.268
+BuildRequires:	systemd-units
 Requires:	xrdp-libs = %{version}-%{release}
 Requires(post,preun):	/sbin/chkconfig
+Requires(post,preun,postun):	systemd-units >= 38
 Requires:	/usr/bin/Xvnc
 Requires:	rc-scripts
+Requires:	systemd-units >= 38
 Requires:	xinitrc-ng
 Requires(postun):       /usr/sbin/groupdel
 Requires(pre):  /usr/bin/getgid
@@ -112,7 +115,8 @@ cd librfxcodec
 %{__autoheader}
 %{__automake}
 cd ..
-%configure
+%configure \
+	--enable-pam-config=redhat
 %{__make} V=1
 
 %install
@@ -125,7 +129,7 @@ install -d $RPM_BUILD_ROOT%{_sysconfdir}/{%{name},pam.d,rc.d/init.d,security}
 install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/rc.d/init.d/xrdp
 install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/sesman
 %{__rm} -f $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/xrdp-sesman
-%{__ln} -s sesman $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/xrdp-sesman
+%{__ln_s} sesman $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/xrdp-sesman
 %{__rm} $RPM_BUILD_ROOT%{_libdir}/%{name}/lib*.{a,la}
 %{__rm} -f $RPM_BUILD_ROOT%{_sysconfdir}/xrdp/startwm.sh
 install %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/xrdp/startwm.sh
@@ -138,17 +142,20 @@ install %{SOURCE5} $RPM_BUILD_ROOT%{_sysconfdir}/xrdp/startwm.sh
 %post
 /sbin/chkconfig --add xrdp
 %service xrdp restart "xrdp server"
+%systemd_post xrdp.service xrdp-sesman.service
 
 %preun
 if [ "$1" = "0" ]; then
 	%service xrdp stop
 	/sbin/chkconfig --del xrdp
 fi
+%systemd_preun xrdp.service xrdp-sesman.service
 
 %postun
 if [ "$1" = "0" ]; then
 	%groupremove xrdp
 fi
+%systemd_reload
 
 %clean
 rm -rf $RPM_BUILD_ROOT
@@ -193,6 +200,8 @@ rm -rf $RPM_BUILD_ROOT
 %attr(755,root,root) %{_libdir}/xrdp/libxrdp.so*
 %attr(755,root,root) %{_libdir}/xrdp/libxrdpapi.so*
 %attr(755,root,root) %{_libdir}/xrdp/libxup.so*
+%{systemdunitdir}/xrdp.service
+%{systemdunitdir}/xrdp-sesman.service
 %dir %{_datadir}/xrdp
 %{_datadir}/xrdp/ad24b.bmp
 %{_datadir}/xrdp/ad256.bmp
@@ -222,6 +231,7 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(644,root,root,755)
 %attr(755,root,root) %{_libdir}/libpainter.so
 %attr(755,root,root) %{_libdir}/librfxencode.so
+%{_includedir}/ms-*.h
 %{_includedir}/painter.h
 %{_includedir}/rfxcodec_common.h
 %{_includedir}/rfxcodec_decode.h
diff --git a/config.patch b/config.patch
index 7b0aa4c..06d8ce8 100644
--- a/config.patch
+++ b/config.patch
@@ -53,9 +53,9 @@ diff -ur xrdp-0.9.7.orig/xrdp/xrdp.ini xrdp-0.9.7/xrdp/xrdp.ini
  fork=true
 +; IP address to listen
 +;address=127.0.0.1
- ; tcp port to listen
- port=3389
- ; 'port' above should be connected to with vsock instead of tcp
+ 
+ ; ports to listen on, number alone means listen on all interfaces
+ ; 0.0.0.0 or :: if ipv6 is configured
 @@ -118,10 +120,10 @@
  ls_btn_cancel_height=30
  
diff --git a/quiet.patch b/quiet.patch
index ee6b5fa..949d5e1 100644
--- a/quiet.patch
+++ b/quiet.patch
@@ -37,9 +37,9 @@ diff -ur xrdp-0.9.7.orig/xrdp/xrdp.c xrdp-0.9.7/xrdp/xrdp.c
              if (pid > 0)
              {
 @@ -597,7 +597,7 @@
-                    or systemd cannot detect xrdp daemon couldn't start properly */
-                 g_exit(1);
-             }
+ 
+         if (0 != pid)
+         {
 -            g_writeln("daemon process %d started ok", pid);
 +            /*g_writeln("daemon process %d started ok", pid);*/
              /* exit, this is the main process */
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/xrdp.git/commitdiff/782957fb7f27db34d54811e38f1f6651414486ca

More information about the pld-cvs-commit mailing list