
Debian alert DLA-4464-1 (xrdp)

From:  Utkarsh Gupta <utkarsh@debian.org>
To:  debian-lts-announce@lists.debian.org
Subject:  [SECURITY] [DLA 4464-1] xrdp security update
Date:  Tue, 03 Feb 2026 05:46:48 +0530
Message-ID:  <CAPP0f95zQyYhe63OzsaF2SABjb+uvkDTM_2siWWHmRO5dCE6oQ@mail.gmail.com>

-------------------------------------------------------------------------
Debian LTS Advisory DLA-4464-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                        Utkarsh Gupta
February 03, 2026                             https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package        : xrdp
Version        : 0.9.21.1-1~deb11u3
CVE ID         : CVE-2025-68670
Debian Bug     : 1126537

xrdp is an open source RDP server.

It was found that xrdp contains an unauthenticated stack-based buffer
overflow vulnerability. The issue stems from improper bounds checking
when processing user domain information during the connection sequence.
If exploited, the vulnerability could allow remote attackers to execute
arbitrary code on the target system.

For Debian 11 bullseye, this problem has been fixed in version
0.9.21.1-1~deb11u3.

We recommend that you upgrade your xrdp packages.

For the detailed security status of xrdp please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xrdp

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
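An added example, not part of the advisory: a fleet check that flags Debian 11 bullseye hosts whose installed xrdp is older than the fixed version 0.9.21.1-1~deb11u3. It reimplements dpkg's version ordering, because plain string comparison mishandles the `~deb11uN` suffix; the hostnames and installed versions in the inventory are constructed sample data.

```python
import re

FIXED = "0.9.21.1-1~deb11u3"  # fixed bullseye version stated in the advisory

def _order(c):
    # dpkg ordering: '~' sorts before everything, even end of string;
    # letters sort before other punctuation.
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_text(a, b):
    for i in range(max(len(a), len(b))):
        ac = _order(a[i]) if i < len(a) else 0
        bc = _order(b[i]) if i < len(b) else 0
        if ac != bc:
            return ac - bc
    return 0

def _cmp_part(a, b):
    # Alternate between a non-digit run (dpkg ordering) and a digit run (numeric).
    while a or b:
        ta, tb = re.match(r"[^0-9]*", a).group(), re.match(r"[^0-9]*", b).group()
        da = re.match(r"[0-9]*", a[len(ta):]).group()
        db = re.match(r"[0-9]*", b[len(tb):]).group()
        diff = _cmp_text(ta, tb) or int(da or 0) - int(db or 0)
        if diff:
            return diff
        a, b = a[len(ta) + len(da):], b[len(tb) + len(db):]
    return 0

def _split(v):
    # [epoch:]upstream[-revision]; a missing revision compares like "0".
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, sep, revision = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (revision if sep else "")

def compare_versions(a, b):
    """Negative if a < b, zero if equal, positive if a > b (Debian ordering)."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    return (ea - eb) or _cmp_part(ua, ub) or _cmp_part(ra, rb)

def unpatched(inventory):
    """Return bullseye hosts whose xrdp is older than the fixed version."""
    return sorted(h for h, v in inventory.items() if compare_versions(v, FIXED) < 0)

# Constructed sample inventory: hostnames and installed versions are illustrative.
INVENTORY = {"bastion-a": "0.9.21.1-1~deb11u2", "bastion-b": "0.9.21.1-1~deb11u3",
             "bastion-c": "0.9.21.1-1~deb11u1", "bastion-d": "0.9.21.1-1~deb11u10"}
```

The fixed version applies to Debian 11 bullseye only, so feed this check bullseye hosts; on a single machine, `dpkg --compare-versions` performs the same comparison.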




Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds