Released 2006-10-20.
Hmm, there's only one little change in xrdp-0.3.2/sesman/env.c -- might be security related?! --8<-- --- xrdp-0.3.1/sesman/env.c 2006-07-30 06:39:17.000000000 +0200 +++ xrdp-0.3.2/sesman/env.c 2006-10-21 05:02:19.000000000 +0200 @@ -70,11 +70,11 @@ if (error == 0) { error = g_setgid(pw_gid); + g_initgroups(username, pw_gid); if (error == 0) { uid = pw_uid; error = g_setuid(uid); - g_initgroups(username, pw_gid); } if (error == 0) { --8<-- So the other patches from 0.3.1 still need to be applied.
Bump!
*** Bug 195302 has been marked as a duplicate of this bug. ***
Created attachment 148088 [details] net-misc/xrdp-0.4.0.ebuild Ebuild to bump to 0.4.0, also fixes bug #143230 and bug #168133
Created attachment 148089 [details, diff] xrdp-0.4.0-curdir.patch Forward port patch from 0.3.1
0.4.1 is out now
Created attachment 182971 [details] 0.4.1 ebuild Here's an ebuild that works well for me against 0.4.1. It addresses bug 143230, bug 168133, bug 176723 (also has an ebuild), bug 252022, and bug 250499 (a direct dupe, has an ebuild). It does not address security bug 255148, as upstream hasn't yet released their [checked in] fixes. I deviated from the original by using sed to fix the CFLAGS, libdir, and rpath issues (less work for me) and by installing some extra bits (libscp) that the default 'installdeb' doesn't do. Also had to add '-j1' to 'emake' to avoid QA complaints.
+ 01 Mar 2009; Patrick Lauer <patrick@gentoo.org> + +files/xrdp-0.4.1-curdir.patch, +xrdp-0.4.1.ebuild: + Bump to 0.4.1. Fixes #171411. Ebuild contributed by schism@subverted.org, + patch by Christoph Brill.