Описание
Security update for freerdp
This update for freerdp fixes the following issues:
- CVE-2019-17177: Fixed multiple memory leaks in libfreerdp/codec/region.c (bsc#1153163).
- CVE-2019-17178: Fixed a memory leak in HuffmanTree_makeFromFrequencies (bsc#1153164).
Список пакетов
SUSE Linux Enterprise Desktop 12 SP4
freerdp-2.0.0~git.1463131968.4e66df7-12.11.1
libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Software Development Kit 12 SP4
freerdp-devel-2.0.0~git.1463131968.4e66df7-12.11.1
libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Software Development Kit 12 SP5
freerdp-devel-2.0.0~git.1463131968.4e66df7-12.11.1
libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Workstation Extension 12 SP4
freerdp-2.0.0~git.1463131968.4e66df7-12.11.1
libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Workstation Extension 12 SP5
freerdp-2.0.0~git.1463131968.4e66df7-12.11.1
libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
Ссылки
- Link for SUSE-SU-2019:3077-1
- E-Mail link for SUSE-SU-2019:3077-1
- SUSE Security Ratings
- SUSE Bug 1153163
- SUSE Bug 1153164
- SUSE CVE CVE-2019-17177 page
- SUSE CVE CVE-2019-17178 page
Описание
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:freerdp-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Desktop 12 SP4:libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Software Development Kit 12 SP4:freerdp-devel-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Software Development Kit 12 SP4:libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
Ссылки
- CVE-2019-17177
- SUSE Bug 1153163
Описание
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP4:freerdp-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Desktop 12 SP4:libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Software Development Kit 12 SP4:freerdp-devel-2.0.0~git.1463131968.4e66df7-12.11.1
SUSE Linux Enterprise Software Development Kit 12 SP4:libfreerdp2-2.0.0~git.1463131968.4e66df7-12.11.1
Ссылки
- CVE-2019-17178
- SUSE Bug 1153164