From 5305a9702696f938c574af1e321b9c4201b72034 Mon Sep 17 00:00:00 2001 From: Gyorgy Sarvari Date: Mon, 20 Apr 2026 11:33:23 +0200 Subject: [PATCH] xrdp: upgrade 0.10.5 -> 0.10.6 Mark fixed CVEs explicitly patched,because NVD tracks them without version info. Changelog: Security fixes: CVE-2026-32105 CVE-2026-32107 CVE-2026-32623 CVE-2026-32624 CVE-2026-33145 CVE-2026-33516 CVE-2026-33689 CVE-2026-35512 New features: Support for xorgxrdp bug fixes Bug fixes: Honour pass_shell_as_env setting only if user sets a shell We no longer try to create a NULL authentication file when using VNC over UDS Problems with the Brazilian ABNT2 keyboard mapping have been corrected A 'file exists' error when installing xrdp over an existing installation has been addressed Signed-off-by: Gyorgy Sarvari Signed-off-by: Khem Raj --- .../xrdp/{xrdp_0.10.5.bb => xrdp_0.10.6.bb} | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) rename meta-oe/recipes-support/xrdp/{xrdp_0.10.5.bb => xrdp_0.10.6.bb} (89%) diff --git a/meta-oe/recipes-support/xrdp/xrdp_0.10.5.bb b/meta-oe/recipes-support/xrdp/xrdp_0.10.6.bb similarity index 89% rename from meta-oe/recipes-support/xrdp/xrdp_0.10.5.bb rename to meta-oe/recipes-support/xrdp/xrdp_0.10.6.bb index 8d7c5807f2..152b37cb37 100644 --- a/meta-oe/recipes-support/xrdp/xrdp_0.10.5.bb +++ b/meta-oe/recipes-support/xrdp/xrdp_0.10.6.bb @@ -17,7 +17,7 @@ SRC_URI = "https://github.com/neutrinolabs/${BPN}/releases/download/v${PV}/${BPN file://0001-arch-Define-NO_NEED_ALIGN-on-ppc64.patch \ file://0001-mark-count-with-unused-attribute.patch \ " -SRC_URI[sha256sum] = "9abc96d164de4b1c40e2f3f537d0593d052a640cf3388978c133715ea69fb123" +SRC_URI[sha256sum] = "dfc21d5d603b642cf583987b36706b685bf05fd3aaaaacefb8f57c5f4a448677" UPSTREAM_CHECK_URI = "https://github.com/neutrinolabs/xrdp/releases" UPSTREAM_CHECK_REGEX = "releases/tag/v(?P\d+(\.\d+)+)" @@ -127,3 +127,12 @@ pkg_postinst:${PN}() { fi fi } + +CVE_STATUS[CVE-2026-32105] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-32107] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-32623] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-32624] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-33145] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-33516] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-33689] = "fixed-version: fixed in 0.10.6" +CVE_STATUS[CVE-2026-35512] = "fixed-version: fixed in 0.10.6"