xrdp: fix dead link #110425
xrdp: fix dead link #110425
Conversation
sha256 unchanged
| repo = "xrdp"; | ||
| rev = "refs/tags/runtime-cfg-path-${version}"; # Fixes https://github.com/neutrinolabs/xrdp/issues/609; not a patch on top of the official repo because "xorgxrdp.configureFlags" above includes "xrdp.src" which must be patched already | ||
| rev = "c2f9c44d08264e5374a0db5390dd36b9290885bd"; # Fixes https://github.com/neutrinolabs/xrdp/issues/609; not a patch on top of the official repo because "xorgxrdp.configureFlags" above includes "xrdp.src" which must be patched already |
There was a problem hiding this comment.
This is an really old version and upstream did several releases since then including a CVE one 0.9.13.1 CVE-2022-4044: Local users can perform a buffer overflow attack against the xrdp-sesman service and then impersonate it. We should probably redo the patches on a newer version. Eventually they might also be garbage collected.
There was a problem hiding this comment.
We should probably redo the patches on a newer version.
Yes.
This is big work.
While this PR fixes a build error caused by 404.
Also it points where to find those patches which have to be redone.
Eventually they might also be garbage collected.
Unlikely, as it is tagged in @volth repo.
We can make another fork and tag this commit too to be sure about GC
There was a problem hiding this comment.
volth's account is no longer existing so I would prefer mirroring/forking it to somewhere.
Forked repos are accessible using parent's user name, so @volth's work could be accessed this way
sha256unchanged