Hi Adam, On Mo 01 Jun 2020 13:29:23 CEST, Adam D. Barratt wrote:
On Mon, 2020-06-01 at 13:20 +0200, Mike Gabriel wrote:I just uploaded this update of freerdp2 to Debian buster. Thanks to Bernhard Miklautz, we have several security patches available: + [ Bernhard Miklautz ] + * debian/patches - security releated backports from upstream + * Add 0003-Fixed-6007-Boundary-checks-in- rdp_read_flow_control.patch + * Add 0004-Fixed-6009-Bounds-checks-in- autodetect_recv_bandwidt.patchNot every bug necessarily has to be fixed in stable...
Well, this is only a small selection of fixes from what has been fixed for recent 2.1.1. The urgent once. During Corona lock down, several Linux security experts files PRs and bug reports against FreeRDP.
For clarity, all of these are resolved in unstable already?
Yes, all bugs are resolved in upstream release 2.1.1 (which has just been uploaded to unstable a couple of days ago).
Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunweaver@debian.org, http://sunweavers.net
Attachment:
pgpiZRBQ_kQih.pgp
Description: Digitale PGP-Signatur