Bug#1072112: freerdp2: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661

To: Jeremy Bícha <jeremy.bicha@canonical.com>
Cc: 1072112@bugs.debian.org, Debian Security Team <team@security.debian.org>
Subject: Bug#1072112: freerdp2: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 3 Oct 2024 21:50:23 +0200
Message-id: <[🔎] Zv71f25UBfvSlSgL@eldamar.lan>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1072112@bugs.debian.org
In-reply-to: <[🔎] CAD+GYvxo3TiSudYd=J7AF37GWNnmqq32OHKrOZNC7ObjjQ8kNQ@mail.gmail.com>
References: <[🔎] CAD+GYvxo3TiSudYd=J7AF37GWNnmqq32OHKrOZNC7ObjjQ8kNQ@mail.gmail.com> <171692664770.1165001.12697738047881271706.reportbug@eldamar.lan>

Hi Jeremy,

On Thu, Oct 03, 2024 at 11:23:19AM -0400, Jeremy Bícha wrote:
> All of these except for CVE-2024-32661 appear to have been fixed in
> 2.11.7 according to the upstream links.
> 
> I am cherry-picking Ubuntu's version of the CVE-2024-32661 fix in my
> freerdp2 2.11.7+dfsg1-3 upload.

Thank you, I have updated the security-tracker metadata.

Regards,
Salvatore

Reply to:

References:
- Bug#1072112: freerdp2: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661
  - From: Jeremy Bícha <jeremy.bicha@canonical.com>

Prev by Date: Bug#1074969: marked as done (freerdp2: ftbfs with GCC-14)
Next by Date: Bug#1079025: freerdp2: failing autopkgtests
Previous by thread: Bug#1072112: freerdp2: CVE-2024-32658 CVE-2024-32659 CVE-2024-32660 CVE-2024-32661
Next by thread: freerdp2_2.11.7+dfsg1-3_source.changes ACCEPTED into unstable
Index(es):
- Date
- Thread