
Bug#1061173: marked as done (freerdp2: CVE-2024-22211: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset)



Your message dated Mon, 25 Mar 2024 15:49:36 +0000
with message-id <E1romZs-00E8bS-RV@fasolo.debian.org>
and subject line Bug#1061173: fixed in freerdp2 2.11.5+dfsg1-1
has caused the Debian Bug report #1061173,
regarding freerdp2: CVE-2024-22211: Integer Overflow leading to Heap Overflow in freerdp_bitmap_planar_context_reset
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1061173: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061173
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Source: freerdp2
Version: 2.11.2+dfsg1-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerability was published for freerdp2.

CVE-2024-22211[0]:
| FreeRDP is a set of free and open source remote desktop protocol
| library and clients. In affected versions an integer overflow in
| `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow.
| This affects FreeRDP based clients. FreeRDP based server
| implementations and proxy are not affected. A malicious server could
| prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers,
| possibly triggering later out of bound read/write. Data extraction
| over network is not possible, the buffers are used to display an
| image. This issue has been addressed in version 2.11.5 and 3.2.0.
| Users are advised to upgrade. There are no known workarounds for this
| vulnerability.


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-22211
    https://www.cve.org/CVERecord?id=CVE-2024-22211
[1] https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
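The advisory quoted above describes the bug class: a width and height taken from a graphics reset PDU are multiplied in 32-bit arithmetic, the product wraps, and the context ends up with a buffer far smaller than the image that is later decoded into it. As an added illustration (not FreeRDP's code and not part of this bug report), here is a hypothetical planar-context reset with the unchecked size calculation beside an overflow-checked one; the struct, function names and the 4 bytes-per-pixel factor are constructed assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical planar codec context (constructed, not FreeRDP's): one scratch
 * buffer sized from the requested width and height at 4 bytes per pixel. */
typedef struct { uint32_t width, height, buffer_size; uint8_t *buffer; } planar_ctx;

/* Vulnerable pattern: every operand is 32-bit, so the product wraps silently
 * and a huge image yields a tiny allocation that later writes overrun. */
uint32_t planar_size_unchecked(uint32_t width, uint32_t height)
{
    return width * height * 4u;
}

/* Hardened pattern: widen to 64 bits, then reject sizes that do not fit the
 * 32-bit field the context stores, and zero-sized images. */
bool planar_size_checked(uint32_t width, uint32_t height, uint32_t *out)
{
    uint64_t size = (uint64_t)width * height * 4u;
    if (width == 0 || height == 0 || size > UINT32_MAX) return false;
    *out = (uint32_t)size;
    return true;
}

/* Reset for a new resolution: refuse rather than under-allocate. */
bool planar_context_reset(planar_ctx *ctx, uint32_t width, uint32_t height)
{
    uint32_t size;
    if (!planar_size_checked(width, height, &size)) return false;
    if (size > ctx->buffer_size) {
        uint8_t *nb = realloc(ctx->buffer, size);
        if (!nb) return false;
        ctx->buffer = nb;
        ctx->buffer_size = size;
    }
    ctx->width = width;
    ctx->height = height;
    return true;
}

/* Buffer size a fresh context ends up with for this resolution, 0 if refused. */
uint32_t reset_buffer_size(uint32_t width, uint32_t height)
{
    planar_ctx ctx = {0};
    uint32_t size = planar_context_reset(&ctx, width, height) ? ctx.buffer_size : 0;
    free(ctx.buffer);
    return size;
}
```

For a 32768 x 32769 image the unchecked computation yields only 131072 bytes (the product modulo 2^32), which is the undersized allocation the advisory warns about; the checked reset refuses the same request.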
--- Begin Message ---
Source: freerdp2
Source-Version: 2.11.5+dfsg1-1
Done: Mike Gabriel <sunweaver@debian.org>

We believe that the bug you reported is fixed in the latest version of
freerdp2, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1061173@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mike Gabriel <sunweaver@debian.org> (supplier of updated freerdp2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 25 Mar 2024 16:09:04 +0100
Source: freerdp2
Architecture: source
Version: 2.11.5+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Closes: 1061173 1061952
Changes:
 freerdp2 (2.11.5+dfsg1-1) unstable; urgency=medium
 .
   * New upstream release.
     - CVE-2024-22211: Fix integer overflow in progressive decoder. (Closes:
       #1061173).
   * Upload time_t64 changes to unstable. (Closes: #1061952).
   * debian/watch:
     + Adjust so we only see 2.x release.
   * debian/control:
     + Switch from pkg-config to pkgconf. Thanks, lintian.




--- End Message ---
