What | Removed | Added |
---|---|---|
Flags | needinfo? |
To facilitate a more complete picture I tried to document the open CVEs, see below. There might be some missing, because they came in over a few weeks. Feel free to use this for the changes file.

update to 2.0 fixing:

- CVE-2020-11042: out-of-bounds read in update_read_icon_info
- CVE-2020-11044: denial of service in update_read_cache_bitmap_v3_order affecting clients
- CVE-2020-11045: out-of-bound read in update_read_bitmap_data
- CVE-2020-11046: out-of-bounds seek in update_read_synchronize
- CVE-2020-11047: out-of-bounds read in autodetect_recv_bandwidth_measure_results
- CVE-2020-11048: out-of-bounds read in rdp_read_flow_control_pdu
- CVE-2020-11049: out-of-bound read of client memory that is then passed on to the protocol parser

update to 2.1 fixing:

- CVE-2020-11017: malicious client can create a double free condition and crash the server
- CVE-2020-11018: malicious clients could trigger out of bound reads causing memory allocation with random size
- CVE-2020-11019: denial of service if logger set to "WLOG_TRACE"
- CVE-2020-11038: buffer overflow when using /video redirection
- CVE-2020-11039: arbitrary memory read and write when USB redirection enabled
- CVE-2020-11040: out-of-bound data read in clear_decompress_subcode_rlex
- CVE-2020-11041: denial of service by malicious server related to configuration for sound backend
- CVE-2020-11043: out-of-bounds read in rfx_process_message_tileset
- CVE-2020-11085: out-of-bounds read in cliprdr_read_format_list
- CVE-2020-11086: out-of-bound read in ntlm_read_ntlm_v2_client_challenge
- CVE-2020-11087: out-of-bound read in ntlm_read_AuthenticateMessage
- CVE-2020-11088: out-of-bound read in ntlm_read_NegotiateMessage
- CVE-2020-11089: out-of-bound read in irp function family

update to 2.1.1 (already mentioned):

- CVE-2020-13396: out-of-bounds read in ntlm_read_ChallengeMessage
- CVE-2020-13397: out-of-bounds read in security_fips_decrypt
- CVE-2020-13398: out-of-bounds write in crypto_rsa_common

All of these affect both SUSE:SLE-12-SP2:Update and SUSE:SLE-15-SP1:Update, meaning even in freerdp 2.0 RC4 the fixes for 2.0 are missing.