Comment 3 for bug 1973028

Revision history for this message
Seth Arnold (seth-arnold) wrote :

Please use CVE-2022-1736 for the gnome-remote-desktop user service being enabled on Ubuntu.

The Debian packaging, and derivatives of both Ubuntu and Debian, for gnome-remote-desktop are probably very similar. The Debian policy strongly encourages services to be running by default after installation[1]. Ubuntu, however, strongly discourages open ports by default[2].

So, while there may be identical code in the other distributions, this may or may not be considered a vulnerability by the other distributions, based on their own policies.


     "The default behaviour is to enable autostarting your package’s daemon"

     "Default installations of Ubuntu must have no listening network services after initial install. Exceptions to this rule [enumerated exceptions elided]"