--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-ed31e1f941
2017-08-07 13:52:29.112642
--------------------------------------------------------------------------------Name        : freerdp
Product     : Fedora 25
Version     : 2.0.0
Release     : 31.20170724gitf8c9f43.fc25
URL         : https://www.freerdp.com/
Summary     : Free implementation of the Remote Desktop Protocol (RDP)
Description :
The xfreerdp Remote Desktop Protocol (RDP) client from the FreeRDP project.

xfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and
VirtualBox.

--------------------------------------------------------------------------------Update Information:

Update to latest snapshot that contains fixes for the latest Talos discovered
CVEs.
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #1475240 - CVE-2017-2836 freerdp: Rdp Client Read Server Proprietary Certificate Denial of Service
        https://bugzilla.redhat.com/show_bug.cgi?id=1475240
  [ 2 ] Bug #1475239 - CVE-2017-2837 freerdp: Rdp Client GCC Read Server Security Data Denial of Service
        https://bugzilla.redhat.com/show_bug.cgi?id=1475239
  [ 3 ] Bug #1475236 - CVE-2017-2838 freerdp: Rdp Client License Read Product Info Denial of Service
        https://bugzilla.redhat.com/show_bug.cgi?id=1475236
  [ 4 ] Bug #1475234 - CVE-2017-2839 freerdp: Rdp Client License Read Challenge Packet Denial of Service
        https://bugzilla.redhat.com/show_bug.cgi?id=1475234
  [ 5 ] Bug #1475233 - CVE-2017-2835 freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu
        https://bugzilla.redhat.com/show_bug.cgi?id=1475233
  [ 6 ] Bug #1475224 - CVE-2017-2834 freerdp: Out-of-bounds write in license_recv()
        https://bugzilla.redhat.com/show_bug.cgi?id=1475224
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade freerdp' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: freerdp Security Update

August 7, 2017
Update to latest snapshot that contains fixes for the latest Talos discovered CVEs.

Summary

The xfreerdp Remote Desktop Protocol (RDP) client from the FreeRDP project.

xfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and

VirtualBox.

Update to latest snapshot that contains fixes for the latest Talos discovered

CVEs.

[ 1 ] Bug #1475240 - CVE-2017-2836 freerdp: Rdp Client Read Server Proprietary Certificate Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475240

[ 2 ] Bug #1475239 - CVE-2017-2837 freerdp: Rdp Client GCC Read Server Security Data Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475239

[ 3 ] Bug #1475236 - CVE-2017-2838 freerdp: Rdp Client License Read Product Info Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475236

[ 4 ] Bug #1475234 - CVE-2017-2839 freerdp: Rdp Client License Read Challenge Packet Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475234

[ 5 ] Bug #1475233 - CVE-2017-2835 freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu

https://bugzilla.redhat.com/show_bug.cgi?id=1475233

[ 6 ] Bug #1475224 - CVE-2017-2834 freerdp: Out-of-bounds write in license_recv()

https://bugzilla.redhat.com/show_bug.cgi?id=1475224

su -c 'dnf upgrade freerdp' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-ed31e1f941 2017-08-07 13:52:29.112642 Product : Fedora 25 Version : 2.0.0 Release : 31.20170724gitf8c9f43.fc25 URL : https://www.freerdp.com/ Summary : Free implementation of the Remote Desktop Protocol (RDP) Description : The xfreerdp Remote Desktop Protocol (RDP) client from the FreeRDP project. xfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox. Update to latest snapshot that contains fixes for the latest Talos discovered CVEs. [ 1 ] Bug #1475240 - CVE-2017-2836 freerdp: Rdp Client Read Server Proprietary Certificate Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475240 [ 2 ] Bug #1475239 - CVE-2017-2837 freerdp: Rdp Client GCC Read Server Security Data Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475239 [ 3 ] Bug #1475236 - CVE-2017-2838 freerdp: Rdp Client License Read Product Info Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475236 [ 4 ] Bug #1475234 - CVE-2017-2839 freerdp: Rdp Client License Read Challenge Packet Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475234 [ 5 ] Bug #1475233 - CVE-2017-2835 freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu https://bugzilla.redhat.com/show_bug.cgi?id=1475233 [ 6 ] Bug #1475224 - CVE-2017-2834 freerdp: Out-of-bounds write in license_recv() https://bugzilla.redhat.com/show_bug.cgi?id=1475224 su -c 'dnf upgrade freerdp' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 25
Version : 2.0.0
Release : 31.20170724gitf8c9f43.fc25
URL : https://www.freerdp.com/
Summary : Free implementation of the Remote Desktop Protocol (RDP)

Related News

19.Laptop Bed Esm H320
2 - 3 min read
The release of Google Chrome 124 addresses four vulnerabilities, including a critical security flaw that can enable attackers to execute arbitrary
23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved