Fedora 25: freerdp Security Update
Summary
The xfreerdp Remote Desktop Protocol (RDP) client from the FreeRDP project.
xfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and
VirtualBox.
Update to latest snapshot that contains fixes for the latest Talos discovered
CVEs.
[ 1 ] Bug #1475240 - CVE-2017-2836 freerdp: Rdp Client Read Server Proprietary Certificate Denial of Service
https://bugzilla.redhat.com/show_bug.cgi?id=1475240
[ 2 ] Bug #1475239 - CVE-2017-2837 freerdp: Rdp Client GCC Read Server Security Data Denial of Service
https://bugzilla.redhat.com/show_bug.cgi?id=1475239
[ 3 ] Bug #1475236 - CVE-2017-2838 freerdp: Rdp Client License Read Product Info Denial of Service
https://bugzilla.redhat.com/show_bug.cgi?id=1475236
[ 4 ] Bug #1475234 - CVE-2017-2839 freerdp: Rdp Client License Read Challenge Packet Denial of Service
https://bugzilla.redhat.com/show_bug.cgi?id=1475234
[ 5 ] Bug #1475233 - CVE-2017-2835 freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu
https://bugzilla.redhat.com/show_bug.cgi?id=1475233
[ 6 ] Bug #1475224 - CVE-2017-2834 freerdp: Out-of-bounds write in license_recv()
https://bugzilla.redhat.com/show_bug.cgi?id=1475224
su -c 'dnf upgrade freerdp' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-ed31e1f941 2017-08-07 13:52:29.112642 Product : Fedora 25 Version : 2.0.0 Release : 31.20170724gitf8c9f43.fc25 URL : https://www.freerdp.com/ Summary : Free implementation of the Remote Desktop Protocol (RDP) Description : The xfreerdp Remote Desktop Protocol (RDP) client from the FreeRDP project. xfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox. Update to latest snapshot that contains fixes for the latest Talos discovered CVEs. [ 1 ] Bug #1475240 - CVE-2017-2836 freerdp: Rdp Client Read Server Proprietary Certificate Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475240 [ 2 ] Bug #1475239 - CVE-2017-2837 freerdp: Rdp Client GCC Read Server Security Data Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475239 [ 3 ] Bug #1475236 - CVE-2017-2838 freerdp: Rdp Client License Read Product Info Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475236 [ 4 ] Bug #1475234 - CVE-2017-2839 freerdp: Rdp Client License Read Challenge Packet Denial of Service https://bugzilla.redhat.com/show_bug.cgi?id=1475234 [ 5 ] Bug #1475233 - CVE-2017-2835 freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu https://bugzilla.redhat.com/show_bug.cgi?id=1475233 [ 6 ] Bug #1475224 - CVE-2017-2834 freerdp: Out-of-bounds write in license_recv() https://bugzilla.redhat.com/show_bug.cgi?id=1475224 su -c 'dnf upgrade freerdp' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References