Fedora 25: 2017-ed31e1f941 Critical: Remmina DoS Issues Addressed

Remmina is a remote desktop client written in GTK+, aiming to be useful for

system administrators and travelers, who need to work with lots of remote

computers in front of either large monitors or tiny net-books.

Remmina supports multiple network protocols in an integrated and consistent

user interface. Currently RDP, VNC, XDMCP and SSH are supported.

Please don't forget to install the plugins for the protocols you want to use.

Update to latest snapshot that contains fixes for the latest Talos discovered

CVEs.

[ 1 ] Bug #1475240 - CVE-2017-2836 freerdp: Rdp Client Read Server Proprietary Certificate Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475240

[ 2 ] Bug #1475239 - CVE-2017-2837 freerdp: Rdp Client GCC Read Server Security Data Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475239

[ 3 ] Bug #1475236 - CVE-2017-2838 freerdp: Rdp Client License Read Product Info Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475236

[ 4 ] Bug #1475234 - CVE-2017-2839 freerdp: Rdp Client License Read Challenge Packet Denial of Service

https://bugzilla.redhat.com/show_bug.cgi?id=1475234

[ 5 ] Bug #1475233 - CVE-2017-2835 freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu

https://bugzilla.redhat.com/show_bug.cgi?id=1475233

[ 6 ] Bug #1475224 - CVE-2017-2834 freerdp: Out-of-bounds write in license_recv()

https://bugzilla.redhat.com/show_bug.cgi?id=1475224

su -c 'dnf upgrade remmina' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org