Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 456
Alerts This Week
Warning Icon 1 456

Scientific Linux: SLSA-2019-0697-1 Critical: Freerdp Buffer Overflow Issues

Scientific Large Esm H446
freerdp: Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function (CVE-2018-8786) * freerdp: Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function (CVE-2018-8787) * freerdp: Out-of-bounds write in nsc_rle_decode() function (CVE-2018-8788) SL7 x86_64 freerdp-1.0.2-15.el7_6.1.x86_64.rpm freerdp-debuginfo-1. [More...]
Synopsis: Important: freerdp security update
Advisory ID:       SLSA-2019:0697-1
Issue Date:        2019-04-02
CVE Numbers:       CVE-2018-8786
                   CVE-2018-8787
                   CVE-2018-8788
--

Security Fix(es):

* freerdp: Integer truncation leading to heap-based buffer overflow in
update_read_bitmap_update() function (CVE-2018-8786)

* freerdp: Integer overflow leading to heap-based buffer overflow in
gdi_Bitmap_Decompress() function (CVE-2018-8787)

* freerdp: Out-of-bounds write in nsc_rle_decode() function
(CVE-2018-8788)
--

SL7
  x86_64
    freerdp-1.0.2-15.el7_6.1.x86_64.rpm
    freerdp-debuginfo-1.0.2-15.el7_6.1.i686.rpm
    freerdp-debuginfo-1.0.2-15.el7_6.1.x86_64.rpm
    freerdp-libs-1.0.2-15.el7_6.1.i686.rpm
    freerdp-libs-1.0.2-15.el7_6.1.x86_64.rpm
    freerdp-plugins-1.0.2-15.el7_6.1.x86_64.rpm
    freerdp-devel-1.0.2-15.el7_6.1.i686.rpm
    freerdp-devel-1.0.2-15.el7_6.1.x86_64.rpm

- Scientific Linux Development Team