Back to guacamole-server PTS page

Accepted guacamole-server 0.9.9-2+deb9u1 (source) into oldstable



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 06 Nov 2020 22:44:56 +0100
Source: guacamole-server
Binary: libguac-dev guacd libguac-client-rdp0 libguac-client-ssh0 libguac-client-vnc0 libguac-client-telnet0 libguac11
Architecture: source
Version: 0.9.9-2+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
 guacd      - HTML5 web application for accessing remote desktops (proxy daemon
 libguac-client-rdp0 - HTML5 web application for accessing remote desktops (RDP support)
 libguac-client-ssh0 - HTML5 web application for accessing remote desktops (SSH support)
 libguac-client-telnet0 - HTML5 web application for accessing remote desktops (Telnet suppo
 libguac-client-vnc0 - HTML5 web application for accessing remote desktops (VNC support)
 libguac-dev - Guacamole proxy daemon (core library headers)
 libguac11  - HTML5 web application for accessing remote desktops (library)
Changes:
 guacamole-server (0.9.9-2+deb9u1) stretch-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * Fix CVE-2020-9498:.
     Apache Guacamole may mishandle pointers involved in processing data
     received via RDP static virtual channels. If a user connects to a malicious
     or compromised RDP server, a series of specially-crafted PDUs could result
     in memory corruption, possiblyi allowing arbitrary code to be executed with
     the privileges of the running guacd process.
   * Fix CVE-2020-9497:
     Apache Guacamole does not properly validate data received from RDP servers
     via static virtual channels. If a user connects to a malicious or
     compromised RDP server, specially-crafted PDUs could result in disclosure
     of information within the memory of the guacd process handling the
     connection.
Checksums-Sha1:
 9075d83ed55dfce070183c6f77c5bb7053c98649 2778 guacamole-server_0.9.9-2+deb9u1.dsc
 a1ab3bf1e39291e318182b85055587fd98b39de1 679797 guacamole-server_0.9.9.orig.tar.gz
 58dcdff36cf314baeae2343d08af98aacca66e80 15856 guacamole-server_0.9.9-2+deb9u1.debian.tar.xz
 5ed4737bde9cb14df822196afbd98d6c106c1772 17687 guacamole-server_0.9.9-2+deb9u1_amd64.buildinfo
Checksums-Sha256:
 7dfaf077c3e92edf9a9ef014b5e73419a5f3bc6345c4d398e4ddcd326dc00675 2778 guacamole-server_0.9.9-2+deb9u1.dsc
 4263e78c7f7c6fe04bd4bbe96634aa612ae67e4ce64fdc4feb8d16ce70e724ff 679797 guacamole-server_0.9.9.orig.tar.gz
 5d922e64996e84c3b0fbbae92b9f6d3b50aef4d5c6a8b012ecf06ce079ae4a50 15856 guacamole-server_0.9.9-2+deb9u1.debian.tar.xz
 26889f752086fe7256432b1384239ae71e03aebfec713a3c05bc891f4f14feb8 17687 guacamole-server_0.9.9-2+deb9u1_amd64.buildinfo
Files:
 b91e357228e2b4947b677b703fdde804 2778 net extra guacamole-server_0.9.9-2+deb9u1.dsc
 cce818bfcba35fe0456b45d988118893 679797 net extra guacamole-server_0.9.9.orig.tar.gz
 744e604c0baafa53d0edf31aeba69b8d 15856 net extra guacamole-server_0.9.9-2+deb9u1.debian.tar.xz
 728d1e1bb6962124b974fcc8b767e988 17687 net extra guacamole-server_0.9.9-2+deb9u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAl+lyEpfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk+g4P/RK4phFt3UzzGT64r8652hikfsy+KIIYHUti
2cVUQuxS+THFHcwLBG7lpnPEVZpJUIB9UbtDpTjce/RGz3hDPrhl4mdIBcizyKcW
LjbxK72pWsFhv0z2DStoeJO/QychU66Po5TbFxzjh+bmR7z0Z7vGDk4A0kJQLcp/
VqLry+PzdvowOizYix56TjPCp/1Y+s9QJzWpHMA7vaNPntdd6R/w48//6phcB9r9
nA5b2jgHOGY10XjNDyJxHRrlq0bDpNpcVijM2Tb1gt7zic+j63thikPoPf6SUqMj
3kvKHvOC1+QtImEZuojkCGkAXgftEOZtcFvhdG+uFLZMCxV1X409tW9essMoVN12
2qwMQoSl0aqV6KsMgxDnZOO1E/0bQhRkJiElMDvjK8sURZlXdEO1VaCtksiBjMHA
reY95+GQZ3mKU0rBQpV+UiqhuY8o8o/W388wAGHSXeFQLo9lj0VJYc9RjirLXTky
7M++HSn6auvvEgW0aWjrd5RqXqh9ZXxduNRsUurQEvi1IXAev9oAOiBbZnD8q++l
/lIuJug73WiT2u06SWDw8kQtJb9v2Klgi6bLTP+9tTk26O+tXbqupeUzxIS9QWCx
A3ky3Nf6TIb9IQV4r583kIEyEo6pj1ev2zzBiFqR+t25NZYs3scFQLiJ64jGOXvZ
LAQ2SGAX
=/7JG
-----END PGP SIGNATURE-----