Publishing details
Changelog
freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: authentication bypass via empty password values
- debian/patches/CVE-2022-24882.patch: fix return code confusion in
winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.*,
winpr/libwinpr/sspi/NTLM/ntlm_compute.*,
winpr/libwinpr/sspi/NTLM/ntlm_message.c.
- CVE-2022-24882
* SECURITY UPDATE: authentication bypass via incorrect SAM file path
- debian/patches/CVE-2022-24883.patch: clean up ntlm_fetch_ntlm_v2_hash
in winpr/libwinpr/sspi/NTLM/ntlm_compute.c.
- CVE-2022-24883
-- Marc Deslauriers <email address hidden> Mon, 06 Jun 2022 09:23:21 -0400
Builds
Package files