This update for freerdp fixes the following issues:
Update to version 3.24.2.
Security issues fixed:
- CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel (bsc#1258919).
- CVE-2026-25942: buffer overflow of global array in `xf_rail_server_execute_result` (bsc#1258920).
- CVE-2026-25952: heap use-after-free in `xf_SetWindowMinMaxInfo` (bsc#1258921).
- CVE-2026-25953: heap use-after-free in `xf_AppUpdateWindowFromSurface` (bsc#1258923).
- CVE-2026-25954: heap use-after-free in `xf_rail_server_local_move_size` (bsc#1258924).
- CVE-2026-25955: heap use-after-free in `xf_AppUpdateWindowFromSurface` (bsc#1258973).
- CVE-2026-25959: heap use-after-free in `xf_cliprdr_provide_data_` (bsc#1258976).
- CVE-2026-25997: heap use-after-free in `xf_clipboard_format_equal` (bsc#1258977).
- CVE-2026-26271: buffer overread in FreeRDP icon processing (bsc#1258979).
- CVE-2026-26955: out-of-bounds write in FreeRDP clients using the GDI surface pipeline (bsc#1258982).
-...
Read the Full Advisory- openSUSE Leap 16.0:
freerdp-3.24.2-160000.1.1
freerdp-devel-3.24.2-160000.1.1
freerdp-proxy-3.24.2-160000.1.1
freerdp-proxy-plugins-3.24.2-160000.1.1
freerdp-sdl-3.24.2-160000.1.1
freerdp-server-3.24.2-160000.1.1
freerdp-wayland-3.24.2-160000.1.1
libfreerdp-server-proxy3-3-3.24.2-160000.1.1
libfreerdp3-3-3.24.2-160000.1.1
librdtk0-0-3.24.2-160000.1.1
libuwac0-0-3.24.2-160000.1.1
libwinpr3-3-3.24.2-160000.1.1
rdtk0-devel-3.24.2-160000.1.1
uwac0-devel-3.24.2-160000.1.1
winpr-devel-3.24.2-160000.1.1
* bsc#1258919
* bsc#1258920
* bsc#1258921
* bsc#1258923
* bsc#1258924
* bsc#1258973
* bsc#1258976
* bsc#1258977
* bsc#1258979
* bsc#1258982
* bsc#1258985
* bsc#1259653
* bsc#1259679
* bsc#1259680
* bsc#1259684
* bsc#1259686
* bsc#1259689
* bsc#1259692
* bsc#1259693
* bsc#1261196
* bsc#1261198
* bsc#1261200
* bsc#1261211
* bsc#1261217
* bsc#1261222
* bsc#1261223
* bsc#1261226
* bsc#1261227
References:
* https://www.suse.com/security/cve/CVE-2026-25941.html
* https://www.suse.com/security/cve/CVE-2026-25942.html
* https://www.suse.com/security/cve/CVE-2026-25952.html
* https://www.suse.com/security/cve/CVE-2026-25953.html
* https://www.suse.com/security/cve/CVE-2026-25954.html
* https://www.suse.com/security/cve/CVE-2026-25955.html
* https://www.suse.com/security/cve/CVE-2026-25959.html
* https://www.suse.com/security/cve/CVE-2026-25997.html
* https://www.suse.com/security/cve/CVE-2026-26271.html
* https://www.suse.com/security/cve/CVE-2026-26955.html
* https://www.suse.com/security/cve/CVE-2026-26965.html
*...
Read the Full AdvisoryGet the latest Linux and open source security news straight to your inbox.