Bug 48775 - freerdp: Multiple issues (4.3)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
Version: UCS 4.3
Hardware: All Linux
Importance: P3 normal
Target Milestone: UCS 4.3-3-errata
Assigned To: Quality Assurance
QA Contact: Philipp Hahn
Depends on:
Blocks:
Reported: 2019-02-26 11:45 CET by Quality Assurance
Modified: 2019-02-27 13:29 CET (History)

See Also:
What kind of report is it?: Security Issue
Max CVSS v3 score: 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
Description Quality Assurance univentionstaff 2019-02-26 11:45:52 CET
New Debian freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3 fixes:
This update addresses the following issues:

* 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3 (Thu, 10 Jan 2019 16:07:19 +0100)
  * debian/patches: Add security patches.
    - CVE-2018-8786.patch: The count variable in update_read_bitmap() needs to be UINT32 (not UINT16).
    - CVE-2018-8787.patch: In gdi_Bitmap_Decompress, check for invalid bpp, width and height before decompressing.
      CVE-2018-8788.patch: In NSC encode/decode functions, catch data flawed in various ways and bail out with failure.
      CVE-2018-8789.patch: In ntlm_read_message_fields_buffer, check buffer offset vs. Stream_Length and bail out if not appropriate.
    - Thanks to Alex Murray for backporting them to FreeRDP 1.1.
  * debian/patches:
    + Add 0010_add-support-for-credssp-v3-and-rdpproto-v6.patch. Add CredSSP v3 and RDP proto v6 support. This allows users to connect to recently (since March 2018) updated Microsoft RDP servers again. Thanks to Bernhard Miklautz and Martin Fleisz for helping out with backporting this patch. Much appreciated!
  * debian/control:
    + Update Vcs-*: URLs.
  * debian/lib{freerdp-core1.1,winpr-sspi0.1}.symbols: Update symbols.

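Added example (not from this bug report or from FreeRDP's source) modelling the CVE-2018-8786 entry above, where a rectangle count computed through a UINT16 is silently truncated: the grow-by-doubling strategy, the struct and field names and the two-byte little-endian header are assumptions for illustration. It shows why widening the count to UINT32 closes the gap between the number of rectangles announced on the wire and the capacity of the array they are read into.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint16_t UINT16;
typedef uint32_t UINT32;
/* Constructed model of a bitmap-update header: the wire carries a 2-byte
 * rectangle count and the parser grows its rectangle array to hold them. */
typedef struct {
    UINT32 number;   /* rectangles announced by the peer */
    UINT32 count;    /* entries the rectangle array can hold */
} BITMAP_UPDATE_MODEL;

/* Grows the array to twice the announced count (an assumed strategy).
 * With fixed == 0 the doubled value passes through a UINT16 temporary and
 * is narrowed modulo 65536 for number >= 32768, the bug class behind the
 * "count needs to be UINT32" fix; with fixed == 1 it stays UINT32. */
static UINT32 grow_capacity(UINT16 number, int fixed)
{
    if (fixed) {
        UINT32 count = (UINT32)number * 2;
        return count;
    }
    UINT16 count = number * 2;  /* int result silently narrowed to 16 bits */
    return count;
}

/* Reads numberRectangles (little-endian) from a constructed stream, sizes
 * the array, and returns how many rectangles a per-rectangle read loop would
 * write past the end of that array (0 = consistent, -1 = short stream). */
int rectangles_past_capacity(const uint8_t* s, size_t len, int fixed,
                             BITMAP_UPDATE_MODEL* out)
{
    if (len < 2)
        return -1;
    out->number = (UINT32)s[0] | ((UINT32)s[1] << 8);
    out->count = grow_capacity((UINT16)out->number, fixed);
    return out->number > out->count ? (int)(out->number - out->count) : 0;
}

int main(void)
{
    const uint8_t hdr[2] = { 0x00, 0x80 };  /* constructed: 32768 rectangles */
    BITMAP_UPDATE_MODEL m;
    int over = rectangles_past_capacity(hdr, sizeof hdr, 0, &m);
    printf("UINT16 count: number=%u capacity=%u, %d past the array\n", m.number, m.count, over);
    over = rectangles_past_capacity(hdr, sizeof hdr, 1, &m);
    printf("UINT32 count: number=%u capacity=%u, %d past the array\n", m.number, m.count, over);
    return 0;
}
```

With the UINT16 temporary, any announced count of 32768 or more yields a capacity smaller than the count itself (32768 wraps to 0, 65535 to 65534), which is the allocation/loop mismatch the patch removes.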
Comment 1 Quality Assurance univentionstaff 2019-02-26 17:53:09 CET
--- mirror/ftp/4.3/unmaintained/4.3-0/source/freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u2.dsc
+++ apt/ucs_4.3-0-errata4.3-3/source/freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3.dsc
@@ -1,3 +1,25 @@
+1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3 [Thu, 10 Jan 2019 16:07:19 +0100] Mike Gabriel <sunweaver@debian.org>:
+
+  * debian/patches: Add security patches.
+    - CVE-2018-8786.patch: The count variable in update_read_bitmap() needs to
+      be UINT32 (not UINT16).
+    - CVE-2018-8787.patch: In gdi_Bitmap_Decompress, check for invalid bpp,
+      width and height before decompressing.
+      CVE-2018-8788.patch: In NSC encode/decode functions, catch data flawed in
+      various ways and bail out with failure.
+      CVE-2018-8789.patch:  In ntlm_read_message_fields_buffer, check buffer
+      offset vs. Stream_Length and bail out if not appropriate.
+    - Thanks to Alex Murray for backporting them to FreeRDP 1.1.
+  * debian/patches:
+    + Add 0010_add-support-for-credssp-v3-and-rdpproto-v6.patch. Add CredSSP v3
+      and RDP proto v6 support. This allows users to connect to recently
+      (since March 2018) updated Microsoft RDP servers again.
+      Thanks to Bernhard Miklautz and Martin Fleisz for helping out with
+      backporting this patch. Much appreciated!
+  * debian/control:
+    + Update Vcs-*: URLs.
+  * debian/lib{freerdp-core1.1,winpr-sspi0.1}.symbols: Update symbols.
+
 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u2 [Sat, 12 Aug 2017 15:26:43 -0400] Mike Gabriel <sunweaver@debian.org>:
 
   [ Bernhard Miklautz ]
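Review bot: the CVE-2018-8788 and CVE-2018-8789 entries in the added changelog stanza lack the leading `- ` bullet that the CVE-2018-8786 and CVE-2018-8787 entries carry, so they render as continuation text of the CVE-2018-8787 item and a reader skimming the bullets sees two security patches instead of four; suggest `    - CVE-2018-8788.patch: In NSC encode/decode functions, catch data flawed in` and `    - CVE-2018-8789.patch: In ntlm_read_message_fields_buffer, check buffer`, and dropping the doubled space after `CVE-2018-8789.patch:`.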

<http://10.200.17.11/4.3-3/#2868217023980113244>
Comment 2 Philipp Hahn univentionstaff 2019-02-27 08:57:37 CET
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.3-3] 9c9b297065 Bug #48775: freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
 doc/errata/staging/freerdp.yaml | 39 +++++++--------------------------------
 1 file changed, 7 insertions(+), 32 deletions(-)

[4.3-3] 0866115bd2 Bug #48775: freerdp 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u3
 doc/errata/staging/freerdp.yaml | 46 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
Comment 3 Arvid Requate univentionstaff 2019-02-27 13:29:15 CET
<http://errata.software-univention.de/ucs/4.3/435.html>