[ubuntu/jammy-updates] freerdp2 2.6.1+dfsg1-3ubuntu2.6 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Wed Apr 24 17:58:19 UTC 2024


freerdp2 (2.6.1+dfsg1-3ubuntu2.6) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow in freerdp_bitmap_planar_context_reset
    - debian/patches/CVE-2024-22211.patch: check resolution for overflow in
      libfreerdp/codec/planar.c.
    - CVE-2024-22211
  * SECURITY UPDATE: out-of-bounds write and out-of-bounds read
    - debian/patches/CVE-2024-32039_41.patch: reorder check to prevent
      possible integer overflow in libfreerdp/codec/clear.c,
      libfreerdp/codec/zgfx.c.
    - CVE-2024-32039
    - CVE-2024-32041
  * SECURITY UPDATE: integer underflow in NSC codec
    - debian/patches/CVE-2024-32040.patch: abort if there are more bytes to
      be read then there are left in libfreerdp/codec/nsc.c.
    - CVE-2024-32040
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2024-32458.patch: fix missing input length checks
      in libfreerdp/codec/planar.c.
    - CVE-2024-32458
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2024-32459.patch: fix missing input length check
      in libfreerdp/codec/ncrush.c.
    - CVE-2024-32459
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2024-32460.patch: add checks to
      libfreerdp/codec/include/bitmap.c, libfreerdp/codec/interleaved.c.
    - CVE-2024-32460

Date: 2024-04-23 15:23:12.275102+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/freerdp2/2.6.1+dfsg1-3ubuntu2.6
-------------- next part --------------
Sorry, changesfile not available.


More information about the jammy-changes mailing list