 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Tue, 20 Oct 2020 18:13:31 -0000 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: freerdp security, bug fix, and enhancement update
Advisory ID: SLSA-2020:4031-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-11088
CVE-2020-11038
CVE-2020-11042
CVE-2020-13397
CVE-2020-11085
CVE-2020-11048
CVE-2020-11086
CVE-2020-11019
CVE-2020-11522
CVE-2020-11018
CVE-2020-11525
CVE-2020-11049
CVE-2020-11039
CVE-2020-11040
CVE-2020-11089
CVE-2020-11044
CVE-2020-11087
CVE-2020-11043
CVE-2020-11046
CVE-2020-11058
CVE-2020-11526
CVE-2020-11041
CVE-2020-11047
CVE-2020-11045
CVE-2020-13396
--
Security Fix(es):
* freerdp: Out of bound read in cliprdr_server_receive_capabilities
(CVE-2020-11018)
* freerdp: Out of bound read/write in usb redirection channel
(CVE-2020-11039)
* freerdp: out-of-bounds read in update_read_icon_info function
(CVE-2020-11042)
* freerdp: out-of-bounds read in autodetect_recv_bandwidth_measure_results
function (CVE-2020-11047)
* freerdp: Out-of-bounds read in ntlm_read_ChallengeMessage in
winpr/libwinpr/sspi/NTLM/ntlm_message.c. (CVE-2020-13396)
* freerdp: Out-of-bounds read in security_fips_decrypt in
libfreerdp/core/security.c (CVE-2020-13397)
* freerdp: Out of bound read in update_recv could result in a crash
(CVE-2020-11019)
* freerdp: Integer overflow in VIDEO channel (CVE-2020-11038)
* freerdp: Out of bound access in clear_decompress_subcode_rlex
(CVE-2020-11040)
* freerdp: Unchecked read of array offset in rdpsnd_recv_wave2_pdu
(CVE-2020-11041)
* freerdp: out of bound read in rfx_process_message_tileset
(CVE-2020-11043)
* freerdp: double free in update_read_cache_bitmap_v3_order function
(CVE-2020-11044)
* freerdp: out of bounds read in update_read_bitmap_data function
(CVE-2020-11045)
* freerdp: out of bounds seek in update_read_synchronize function could
lead out of bounds read (CVE-2020-11046)
* freerdp: out-of-bounds read could result in aborting the session
(CVE-2020-11048)
* freerdp: out-of-bound read of client memory that is then passed on to the
protocol parser (CVE-2020-11049)
* freerdp: stream out-of-bounds seek in rdp_read_font_capability_set could
lead to out-of-bounds read (CVE-2020-11058)
* freerdp: out-of-bounds read in cliprdr_read_format_list function
(CVE-2020-11085)
* freerdp: out-of-bounds read in ntlm_read_ntlm_v2_client_challenge
function (CVE-2020-11086)
* freerdp: out-of-bounds read in ntlm_read_AuthenticateMessage
(CVE-2020-11087)
* freerdp: out-of-bounds read in ntlm_read_NegotiateMessage
(CVE-2020-11088)
* freerdp: out-of-bounds read in irp functions (CVE-2020-11089)
* freerdp: out-of-bounds read in gdi.c (CVE-2020-11522)
* freerdp: out-of-bounds read in bitmap.c (CVE-2020-11525)
* freerdp: Stream pointer out of bounds in update_recv_secondary_order
could lead out of bounds read later (CVE-2020-11526)
--
SL7
x86_64
freerdp-libs-2.1.1-2.el7.x86_64.rpm
libwinpr-2.1.1-2.el7.i686.rpm
freerdp-2.1.1-2.el7.x86_64.rpm
freerdp-libs-2.1.1-2.el7.i686.rpm
libwinpr-2.1.1-2.el7.x86_64.rpm
freerdp-debuginfo-2.1.1-2.el7.i686.rpm
freerdp-debuginfo-2.1.1-2.el7.x86_64.rpm
freerdp-devel-2.1.1-2.el7.i686.rpm
freerdp-devel-2.1.1-2.el7.x86_64.rpm
libwinpr-devel-2.1.1-2.el7.i686.rpm
libwinpr-devel-2.1.1-2.el7.x86_64.rpm
- Scientific Linux Development Team
|
|
|
