Описание
Security update for freerdp
This update for freerdp fixes the following issues:
- CVE-2019-17177: Fixed multiple memory leaks in libfreerdp/codec/region.c (bsc#1153163).
- CVE-2019-17178: Fixed a memory leak in HuffmanTree_makeFromFrequencies (bsc#1153164).
Список пакетов
SUSE Linux Enterprise Workstation Extension 15 SP1
freerdp-2.0.0~rc4-10.4.1
freerdp-devel-2.0.0~rc4-10.4.1
libfreerdp2-2.0.0~rc4-10.4.1
libwinpr2-2.0.0~rc4-10.4.1
winpr2-devel-2.0.0~rc4-10.4.1
Ссылки
- Link for SUSE-SU-2019:3079-1
- E-Mail link for SUSE-SU-2019:3079-1
- SUSE Security Ratings
- SUSE Bug 1153163
- SUSE Bug 1153164
- SUSE CVE CVE-2019-17177 page
- SUSE CVE CVE-2019-17178 page
Описание
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:freerdp-2.0.0~rc4-10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP1:freerdp-devel-2.0.0~rc4-10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libfreerdp2-2.0.0~rc4-10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libwinpr2-2.0.0~rc4-10.4.1
Ссылки
- CVE-2019-17177
- SUSE Bug 1153163
Описание
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
Затронутые продукты
SUSE Linux Enterprise Workstation Extension 15 SP1:freerdp-2.0.0~rc4-10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP1:freerdp-devel-2.0.0~rc4-10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libfreerdp2-2.0.0~rc4-10.4.1
SUSE Linux Enterprise Workstation Extension 15 SP1:libwinpr2-2.0.0~rc4-10.4.1
Ссылки
- CVE-2019-17178
- SUSE Bug 1153164