Fedora 31: freerdp 2020-a3432485db

    Date 31 Jul 2020
    34
    Posted By LinuxSecurity Advisories
    Bugfix and CVE release.
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2020-a3432485db
    2020-08-01 01:17:15.822420
    --------------------------------------------------------------------------------
    
    Name        : freerdp
    Product     : Fedora 31
    Version     : 2.2.0
    Release     : 1.fc31
    URL         : https://www.freerdp.com/
    Summary     : Free implementation of the Remote Desktop Protocol (RDP)
    Description :
    The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP
    project.
    
    xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows
    machines, xrdp and VirtualBox.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Bugfix and CVE release.
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Thu Jul 23 2020 Simone Caronni  - 2:2.2.0-1
    - Update to 2.2.0.
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1854844 - CVE-2020-11098 freerdp: out-of-bound read in glyph_cache_put [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854844
      [ 2 ] Bug #1854848 - CVE-2020-11096 freerdp: out-of-bound read in update_read_cache_bitmap_v3_order [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854848
      [ 3 ] Bug #1854852 - CVE-2020-11095 freerdp: out of bound reads resulting in accessing memory location  outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854852
      [ 4 ] Bug #1854872 - CVE-2020-4032 freerdp: integer casting vulnerability in update_recv_secondary_order [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854872
      [ 5 ] Bug #1854886 - CVE-2020-4033 freerdp:  out-of-bounds read in RLEDECOMPRESS [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854886
      [ 6 ] Bug #1854890 - CVE-2020-4031 freerdp: use-after-free in gdi_SelectObject [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854890
      [ 7 ] Bug #1854896 - CVE-2020-4030 freerdp: out of bounds read in TrioParse [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854896
      [ 8 ] Bug #1854900 - CVE-2020-11099 freerdp: out of bounds read in license_read_new_or_upgrade_license_packet [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854900
      [ 9 ] Bug #1854913 - CVE-2020-11097 freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1854913
      [ 10 ] Bug #1855226 - Disconnected on Windows 2008 R2 after update to 2.1.2-1
            https://bugzilla.redhat.com/show_bug.cgi?id=1855226
      [ 11 ] Bug #1858483 - remmina - can not connect to Windows Server 2008 after last update
            https://bugzilla.redhat.com/show_bug.cgi?id=1858483
      [ 12 ] Bug #1858910 - CVE-2020-15103 freerdp: integer overflow due to missing input sanitation in rdpegfx channel [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1858910
      [ 13 ] Bug #1859579 - Freerdp version 2.2.0 fixes disconnection issue, please update
            https://bugzilla.redhat.com/show_bug.cgi?id=1859579
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2020-a3432485db' at the command
    line. For more information, refer to the dnf documentation available at
    https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    Are you planning to use the 1Password password manager now that it is available to Linux users?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/35-are-you-planning-to-use-the-1password-password-manager-now-that-it-is-available-to-linux-users?task=poll.vote&format=json
    35
    radio
    [{"id":"122","title":"Yes","votes":"1","type":"x","order":"1","pct":20,"resources":[]},{"id":"123","title":"No ","votes":"3","type":"x","order":"2","pct":60,"resources":[]},{"id":"124","title":"Not sure at the moment","votes":"1","type":"x","order":"3","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Advisories

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.