Bug#999727: freerdp2: Latest version contains security fixes

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#999727: freerdp2: Latest version contains security fixes
From: Stephen Quinney <stephen@jadevine.org.uk>
Date: Mon, 15 Nov 2021 14:31:21 +0000
Message-id: <[🔎] 163698668174.427099.10044889720240126593.reportbug@trilobite>
Reply-to: Stephen Quinney <stephen@jadevine.org.uk>, 999727@bugs.debian.org

Source: freerdp2
Severity: important
X-Debbugs-Cc: stephen@jadevine.org.uk

The latest version of the freerdp software (2.4.1) which was released
a few weeks ago contains important fixes for two security issues:

CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory

CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory


-- System Information:
Debian Release: 11.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Reply to:

Prev by Date: Bug#998891: remmina: Please enable X2Go plugin and ship it in Debian
Next by Date: Processing of x2gobroker_0.0.4.3-2_source.changes
Previous by thread: Bug#998891: remmina: Please enable X2Go plugin and ship it in Debian
Next by thread: Processing of x2gobroker_0.0.4.3-2_source.changes
Index(es):
- Date
- Thread