git: 072998df6d44 - main - security/vuxml: Document multiple xrdp vulnerabilities
Date: Sat, 10 Dec 2022 14:08:55 UTC
The branch main has been updated by meta:
URL: https://cgit.FreeBSD.org/ports/commit/?id=072998df6d4408d7bc6104d431205c9b3c385fc4
commit 072998df6d4408d7bc6104d431205c9b3c385fc4
Author: Koichiro Iwao <meta@FreeBSD.org>
AuthorDate: 2022-12-10 14:04:49 +0000
Commit: Koichiro Iwao <meta@FreeBSD.org>
CommitDate: 2022-12-10 14:07:46 +0000
security/vuxml: Document multiple xrdp vulnerabilities
Obrained from: https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.21
---
security/vuxml/vuln/2022.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 48 insertions(+)
diff --git a/security/vuxml/vuln/2022.xml b/security/vuxml/vuln/2022.xml
index 9d3f44c38d5d..89f9378a6798 100644
--- a/security/vuxml/vuln/2022.xml
+++ b/security/vuxml/vuln/2022.xml
@@ -1,3 +1,51 @@
+ <vuln vid="ba94433c-7890-11ed-859e-1c61b4739ac9">
+ <topic>xrdp -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>xrdp</name>
+ <range><lt>0.9.21</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>xrdp project reports:</p>
+ <blockquote cite="https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.21">
+ <p>This update is recommended for all xrdp users and provides following important security fixes:</p>
+ <ul>
+ <li>CVE-2022-23468</li>
+ <li>CVE-2022-23477</li>
+ <li>CVE-2022-23478</li>
+ <li>CVE-2022-23479</li>
+ <li>CVE-2022-23480</li>
+ <li>CVE-2022-23481</li>
+ <li>CVE-2022-23483</li>
+ <li>CVE-2022-23482</li>
+ <li>CVE-2022-23484</li>
+ <li>CVE-2022-23493</li>
+ </ul>
+ <p>These security issues are reported by Team BT5 (BoB 11th). We appreciate their great help with making and reviewing patches.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2022-23468</cvename>
+ <cvename>CVE-2022-23477</cvename>
+ <cvename>CVE-2022-23478</cvename>
+ <cvename>CVE-2022-23479</cvename>
+ <cvename>CVE-2022-23480</cvename>
+ <cvename>CVE-2022-23481</cvename>
+ <cvename>CVE-2022-23483</cvename>
+ <cvename>CVE-2022-23482</cvename>
+ <cvename>CVE-2022-23484</cvename>
+ <cvename>CVE-2022-23493</cvename>
+ <url>https://github.com/neutrinolabs/xrdp/releases/tag/v0.9.21</url>
+ </references>
+ <dates>
+ <discovery>2022-12-01</discovery>
+ <entry>2022-12-10</entry>
+ </dates>
+ </vuln>
+
<vuln vid="050eba46-7638-11ed-820d-080027d3a315">
<topic>Python -- multiple vulnerabilities</topic>
<affects>