This is a security release to address various buffer overflow and overrun issues in the rdesktop protocol handling. rdesktop will now detect any attempts to access invalid areas and refuse to continue. Users are advised to upgrade as soon as possible. A big thank you to Kaspersky Lab and National Cyber Security Centre for identifying these issues.

https://github.com/rdesktop/rdesktop/releases/tag/v1.8.5
Status comment: (none) => Fixed upstream in 1.8.5
Advisory
========

This is a security release to address various buffer overflow and overrun issues in the rdesktop protocol handling identified by Kaspersky Lab and National Cyber Security Centre. rdesktop will now detect any attempts to access invalid areas and refuse to continue.

References
==========

https://github.com/rdesktop/rdesktop/releases/tag/v1.8.5

Files
=====

Uploaded to core/updates_testing

rdesktop-1.8.5-1.mga6

from rdesktop-1.8.5-1.mga6.src.rpm
Assignee: smelror => qa-bugs
Status comment: Fixed upstream in 1.8.5 => Version 1.8.5 pushed to Cauldron
Had endless problems with getting this to run properly in a previous update.
Trying the program before updating.
Selected a target machine - canopus:
Installed xrdp on canopus.

# urpmi xrdp
1/3: vnc-server-common #############################################
2/3: tigervnc-server #############################################
3/3: xrdp #############################################
Generating a RSA private key
.....................................................................................................................................................................+++++
.................................................................................+++++
writing new private key to '/etc/pki/tls/private/xrdp.pem'
# systemctl start xrdp
# systemctl enable xrdp
# systemctl status xrdp
● xrdp.service - xrdp daemon
   Loaded: loaded (/usr/lib/systemd/system/xrdp.service; enabled; vendor preset:
   Active: active (running) since Sun 2019-05-12 16:26:26 BST; 18s ago
     Docs: man:xrdp(8)
           man:xrdp.ini(5)
 Main PID: 9843 (xrdp)
   CGroup: /system.slice/xrdp.service
           └─9843 /usr/sbin/xrdp --nodaemon

May 12 16:26:26 canopus systemd[1]: Started xrdp daemon.
May 12 16:26:26 canopus xrdp[9843]: (9843)(140305489258624)[INFO ] starting xrdp with pid 9843
May 12 16:26:26 canopus xrdp[9843]: (9843)(140305489258624)[INFO ] listening to port 3389 on 0.0.0.0

Back on local machine:

$ rdesktop -u lcl -d localhost.localdomain -n canopus server
Autoselected keyboard map en-gb
ERROR: server: unable to connect

Earlier this had been tried:

$ rdesktop server

and a gui popped up. Clicking connect allowed the target host to be specified, with a username and password for ssh. That produced a terminal screen for canopus - just like logging in over ssh. No sign of X. Exited from that. Any subsequent attempts to use rdesktop server resulted in "unable to connect".

What we really need is a guide for muffins. How for instance do you get back to square one?
There is probably a way to select RDP - I imagined that the ssh part was just for authentication but maybe not.
CC: (none) => tarazed25
Tried removing rdesktop and reinstalling but that had no effect. 'rdesktop server' would not raise the gui.
Started xrdp service on local machine, modified sesman.ini and started xrdp-sesman service.

$ rdesktop server

No gui...
From an older bug:

$ rdesktop -u lcl canopus:3389
Autoselected keyboard map en-gb
Connection established using SSL.

That brought up a blank cyan panel which failed to respond to mouse-clicks or keyboard events.

Tried again but chose Xvnc instead of Xorg. That showed a remote desktop with a konsole and a couple of messages about firefox and Plasma unable to start because of OpenGL 2 problem.

Tried again with the -f fullscreen option, which worked for the gui but failed to show the target desktop at full size. There was no way to exit - required a remote login from the target machine to kill it.

Investigating the xrdp configuration files....
Updated rdesktop for mga6, x86_64.
Tried this command:

$ rdesktop -u lcl -g 2560x1440 canopus:3389
Autoselected keyboard map en-gb
Connection established using SSL.
WARNING: Remote desktop changed from 2560x1440 to 800x600.
/dev/dsp: No such file or directory
NOT IMPLEMENTED: data PDU 40
NOT IMPLEMENTED: RDPDR pakid 0x554c of component 0x4472

It worked perfectly for the gui but snapped back to 800x600 for the desktop. Maybe something needs to be configured at the remote end? Xvnc maybe - unknown territory again.
MGA6-32 MATE on IBM-Thinkpad R50e
No installation issues.
Made sure that xrdp is installed and runs on desktop on LAN and port 3389 is opened.
At CLI:

$ rdesktop mach1
Autoselected keyboard map nl-be
Connection established using SSL.
/dev/dsp: Bestand of map bestaat niet
NOT IMPLEMENTED: RDPDR pakid 0x554c of component 0x4472

I get the login screen for the desktop PC, but then a message appears that Plasma (is the default on the desktop PC) needs OpenGL2, but this laptop only supports OpenGL1.3.
If I find some time, I'll try to run Xfce on the desktop PC and check if that makes any difference.
CC: (none) => herman.viaene
Running Xfce on the remote desktop PC. After logging in, all I get is a black screen with a mouse pointer. No reaction on mouse or keyboard operations.
If you don't have a Windows machine to test this against, unless the behavior you're seeing is a regression, please validate this.
@David, I get the same black screen with vncviewer, so that might be another problem altogether, so OK-ing.
Whiteboard: (none) => MGA6-32-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
CC: (none) => tmb
Keywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2019-0209.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED