Format: 1.8
Date: Mon, 21 Nov 2022 08:52:19 -0500
Source: freerdp2
Built-For-Profiles: noudeb
Architecture: source
Version: 2.6.1+dfsg1-3ubuntu2.3
Distribution: jammy-security
Urgency: medium
Maintainer: Ubuntu Developers
Changed-By: Marc Deslauriers
Changes:
 freerdp2 (2.6.1+dfsg1-3ubuntu2.3) jammy-security; urgency=medium
 .
   * SECURITY UPDATE: out of bounds read via parallel driver
     - debian/patches/CVE-2022-39282.patch: fix length checks in parallel
       driver in channels/parallel/client/parallel_main.c.
     - CVE-2022-39282
   * SECURITY UPDATE: out of bounds read via video channel
     - debian/patches/CVE-2022-39283.patch: fixed missing length check in
       video channel in channels/video/client/video_main.c.
     - CVE-2022-39283
   * SECURITY UPDATE: out of bounds reads in ZGFX decoder component
     - debian/patches/CVE-2022-39316_7.patch: added missing length checks
       in zgfx_decompress_segment in libfreerdp/codec/zgfx.c.
     - CVE-2022-39316
     - CVE-2022-39317
   * SECURITY UPDATE: missing input validation in urbdrc
     - debian/patches/CVE-2022-39318.patch: fixed division by zero in
       urbdrc in channels/urbdrc/client/libusb/libusb_udevice.c.
     - CVE-2022-39318
   * SECURITY UPDATE: missing input length validation in urbdrc
     - debian/patches/CVE-2022-39319-1.patch: fixed missing input buffer
       length check in urbdrc in channels/urbdrc/client/data_transfer.c.
     - debian/patches/CVE-2022-39319-2.patch: added missing length check
       in urb_control_transfer in channels/urbdrc/client/data_transfer.c.
     - CVE-2022-39319
   * SECURITY UPDATE: out of bounds read in usb
     - debian/patches/CVE-2022-39320.patch: ensure urb_create_iocompletion
       uses size_t for calculation in
       channels/urbdrc/client/data_transfer.c.
     - CVE-2022-39320
   * SECURITY UPDATE: missing path canonicalization and base path check
     for drive channel
     - debian/patches/CVE-2022-39347-1.patch: added function _wcsncmp in
       winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
     - debian/patches/CVE-2022-39347-2.patch: fix wcs*cmp and wcs*len
       checks in winpr/libwinpr/crt/string.c.
     - debian/patches/CVE-2022-39347-3.patch: added wcsstr implementation
       in winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
     - debian/patches/CVE-2022-39347-4.patch: fixed path validation in
       drive channel in channels/drive/client/drive_file.c,
       channels/drive/client/drive_file.h,
       channels/drive/client/drive_main.c.
     - CVE-2022-39347
Checksums-Sha1:
 287263eef8c39f3542a4d429ede5914f0cf7cb7b 3584 freerdp2_2.6.1+dfsg1-3ubuntu2.3.dsc
 500e88af603527580cd32bf003e459426d2b395b 82212 freerdp2_2.6.1+dfsg1-3ubuntu2.3.debian.tar.xz
 2810bab8a8f156affb92e7ba73eed08de8522de5 14804 freerdp2_2.6.1+dfsg1-3ubuntu2.3_source.buildinfo
Checksums-Sha256:
 42e802b956317438139aa1aed33df62b0247edeb4f173e01ad93f527af908b4b 3584 freerdp2_2.6.1+dfsg1-3ubuntu2.3.dsc
 e5f78629384986759ad4e47306d396856fa7eb36c2a1b7726401d78ce4bded44 82212 freerdp2_2.6.1+dfsg1-3ubuntu2.3.debian.tar.xz
 a73e3a6c20029daddad2eb7e7a91079b5a08c7eb8e4e941025d93574b88ddc6e 14804 freerdp2_2.6.1+dfsg1-3ubuntu2.3_source.buildinfo
Files:
 b278ecdd296717bf89bdaac6ff54e951 3584 x11 optional freerdp2_2.6.1+dfsg1-3ubuntu2.3.dsc
 40c33f6db66b5009186e1ec3fa65fa8d 82212 x11 optional freerdp2_2.6.1+dfsg1-3ubuntu2.3.debian.tar.xz
 d0cbffae9278d16e7cdb2394ce0bf328 14804 x11 optional freerdp2_2.6.1+dfsg1-3ubuntu2.3_source.buildinfo
Original-Maintainer: Debian Remote Maintainers