[Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.1.2

Peter Korsgaard peter at korsgaard.com
Wed Jul 22 12:27:29 UTC 2020


>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > - Fix CVE-2020-4030: In FreeRDP before version 2.1.2, there is an out of
 >   bounds read in TrioParse. Logging might bypass string length checks
 >   due to an integer overflow.
 > - Fix CVE-2020-4031: In FreeRDP before version 2.1.2, there is a
 >   use-after-free in gdi_SelectObject. All FreeRDP clients using
 >   compatibility mode with /relax-order-checks are affected.
 > - Fix CVE-2020-4032: In FreeRDP before version 2.1.2, there is an
 >   integer casting vulnerability in update_recv_secondary_order. All
 >   clients with +glyph-cache /relax-order-checks are affected.
 > - Fix CVE-2020-4033: In FreeRDP before version 2.1.2, there is an out of
 >   bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions
 >   with color depth < 32 are affected.
 > - Fix CVE-2020-11095: In FreeRDP before version 2.1.2, an out of bound
 >   reads occurs resulting in accessing a memory location that is outside
 >   of the boundaries of the static array
 >   PRIMARY_DRAWING_ORDER_FIELD_BYTES.
 > - Fix CVE-2020-11096: In FreeRDP before version 2.1.2, there is a global
 >   OOB read in update_read_cache_bitmap_v3_order. As a workaround, one
 >   can disable bitmap cache with -bitmap-cache (default).
 > - Fix CVE-2020-11097: In FreeRDP before version 2.1.2, an out of bounds
 >   read occurs resulting in accessing a memory location that is outside
 >   of the boundaries of the static array
 >   PRIMARY_DRAWING_ORDER_FIELD_BYTES.
 > - Fix CVE-2020-11098: In FreeRDP before version 2.1.2, there is an
 >   out-of-bound read in glyph_cache_put. This affects all FreeRDP clients
 >   with `+glyph-cache` option enabled.
 > - Fix CVE-2020-11099: In FreeRDP before version 2.1.2, there is an out
 >   of bounds read in license_read_new_or_upgrade_license_packet. A
 >   manipulated license packet can lead to out of bound reads to an
 >   internal buffer.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed to 2020.02.x and 2020.05.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list