[ubuntu/mantic-security] freerdp2 2.10.0+dfsg1-1.1ubuntu1.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Apr 24 17:17:22 UTC 2024
freerdp2 (2.10.0+dfsg1-1.1ubuntu1.2) mantic-security; urgency=medium
* SECURITY UPDATE: integer overflow in freerdp_bitmap_planar_context_reset
- debian/patches/CVE-2024-22211.patch: check resolution for overflow in
libfreerdp/codec/planar.c.
- CVE-2024-22211
* SECURITY UPDATE: out-of-bounds write and out-of-bounds read
- debian/patches/CVE-2024-32039_41.patch: reorder check to prevent
possible integer overflow in libfreerdp/codec/clear.c,
libfreerdp/codec/zgfx.c.
- CVE-2024-32039
- CVE-2024-32041
* SECURITY UPDATE: integer underflow in NSC codec
- debian/patches/CVE-2024-32040.patch: abort if there are more bytes to
be read then there are left in libfreerdp/codec/nsc.c.
- CVE-2024-32040
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2024-32458.patch: fix missing input length checks
in libfreerdp/codec/planar.c.
- CVE-2024-32458
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2024-32459.patch: fix missing input length check
in libfreerdp/codec/ncrush.c.
- CVE-2024-32459
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2024-32460.patch: add checks to
libfreerdp/codec/include/bitmap.c, libfreerdp/codec/interleaved.c.
- CVE-2024-32460
Date: 2024-04-23 15:23:16.790898+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/freerdp2/2.10.0+dfsg1-1.1ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the mantic-changes
mailing list