Publishing details

Removed from disk on 2020-07-13.
Removal requested on 2020-07-13.
Published on 2019-05-28
Copied from ubuntu cosmic in PPA for Ubuntu Security Proposed by Ubuntu Archive Robot

Changelog

freerdp (1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: Integer truncation in update_read_bitmap_update
    - debian/patches/CVE-2018-8786.patch: Promote count to 32-bit integer
      type to avoid integer truncation in libfreerdp/core/update.c. Based on
      upstream patch.
    - CVE-2018-8786
  * SECURITY UPDATE: Integer overflow in gdi_Bitmap_Decompress
    - debian/patches/CVE-2018-8787.patch: Check for and avoid possible
      integer overflow in libfreerdp/gdi/graphics.c. Based on upstream
      patch.
    - CVE-2018-8787
  * SECURITY UPDATE: Buffer overflow in nsc_rle_decode
    - debian/patches/CVE-2018-8788.patch: Check for lengths and avoid
      possible buffer overflow in libfreerdp/codec/nsc.c and
      libfreerdp/codec/nsc_encode.c. Based on upstream patch.
    - CVE-2018-8788
  * SECURITY UPDATE: Out-of-bounds read in ntlm_read_message_fields_buffer
    - debian/patches/CVE-2018-8789.patch: Ensure to use 64-bit integer
      type when checking offset against stream length in
      winpr/libwinpr/sspi/NTLM/ntlm_message.c. Based on upstream patch.
    - CVE-2018-8789

 -- Eduardo Barretto <email address hidden>  Mon, 27 May 2019 14:17:26 -0300

Available diffs

diff from 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1 (in Ubuntu) to 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1 (4.0 KiB)

Publishing details

Changelog

Available diffs

Builds

Package files