[ubuntu/bionic-updates] freerdp2 2.2.0+dfsg1-0ubuntu0.18.04.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Tue Nov 23 15:58:37 UTC 2021
freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: OOB Write
- debian/patches/CVE-2021-41159-and-41160.patch: add checks
in multiple files and added checks for bitmap
width and heigth values in order to avoid out
of bounds write in
libfreerdp/core/gateway/ncacn_http.c,
libfreerdp/core/gateway/rdg.c,
libfreerdp/core/gateway/rpc.c,
libfreerdp/core/gateway/rpc.h,
libfreerdp/core/gateway/rpc_bind.c,
libfreerdp/core/gateway/rpc_bind.h,
libfreerdp/core/gateway/rpc_client.c,
libfreerdp/core/gateway/rpc_client.h,
libfreerdp/core/gateway/rpc_fault.c,
libfreerdp/core/gateway/rts.c,
libfreerdp/core/gateway/rts.h,
libfreerdp/core/gateway/rts_signature.c,
libfreerdp/core/gateway/rts_signature.h,
libfreerdp/core/gateway/tsg.c,
libfreerdp/core/orders.c,
libfreerdp/core/surface.c,
libfreerdp/core/update.c.
- CVE-2021-41159
- CVE-2021-41160
Date: 2021-11-09 12:48:09.412942+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.18.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list