[ubuntu/bionic-updates] freerdp2 2.2.0+dfsg1-0ubuntu0.18.04.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jun 6 16:58:24 UTC 2022
freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: authentication bypass via empty password values
- debian/patches/CVE-2022-24882.patch: fix return code confusion in
winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.*,
winpr/libwinpr/sspi/NTLM/ntlm_compute.*,
winpr/libwinpr/sspi/NTLM/ntlm_message.c.
- CVE-2022-24882
* SECURITY UPDATE: authentication bypass via incorrect SAM file path
- debian/patches/CVE-2022-24883.patch: clean up ntlm_fetch_ntlm_v2_hash
in winpr/libwinpr/sspi/NTLM/ntlm_compute.c.
- CVE-2022-24883
Date: 2022-06-06 14:22:08.247030+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.18.04.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list