Описание
Security update for freerdp
This update for freerdp fixes the following issues:
- CVE-2021-41159: Fixed improper validation of client input (bsc#1191895).
- CVE-2022-41160: Fixed improper region checks (bsc#1191895).
Список пакетов
SUSE Linux Enterprise Module for Package Hub 15 SP3
freerdp-2.1.2-150200.15.18.1
freerdp-devel-2.1.2-150200.15.18.1
freerdp-proxy-2.1.2-150200.15.18.1
libfreerdp2-2.1.2-150200.15.18.1
libwinpr2-2.1.2-150200.15.18.1
winpr2-devel-2.1.2-150200.15.18.1
SUSE Linux Enterprise Workstation Extension 15 SP3
freerdp-2.1.2-150200.15.18.1
freerdp-devel-2.1.2-150200.15.18.1
freerdp-proxy-2.1.2-150200.15.18.1
libfreerdp2-2.1.2-150200.15.18.1
libwinpr2-2.1.2-150200.15.18.1
winpr2-devel-2.1.2-150200.15.18.1
openSUSE Leap 15.3
freerdp-2.1.2-150200.15.18.1
freerdp-devel-2.1.2-150200.15.18.1
freerdp-proxy-2.1.2-150200.15.18.1
freerdp-server-2.1.2-150200.15.18.1
freerdp-wayland-2.1.2-150200.15.18.1
libfreerdp2-2.1.2-150200.15.18.1
libuwac0-0-2.1.2-150200.15.18.1
libwinpr2-2.1.2-150200.15.18.1
uwac0-0-devel-2.1.2-150200.15.18.1
winpr2-devel-2.1.2-150200.15.18.1
Ссылки
- Link for SUSE-SU-2022:2891-1
- E-Mail link for SUSE-SU-2022:2891-1
- SUSE Security Ratings
- SUSE Bug 1191895
- SUSE CVE CVE-2021-41159 page
- SUSE CVE CVE-2022-41160 page
Описание
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out of bounds. This issue has been resolved in version 2.4.1. If you are unable to update then use `/gt:http` rather than /gt:rdp connections if possible or use a direct connection without a gateway.
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP3:freerdp-2.1.2-150200.15.18.1
SUSE Linux Enterprise Module for Package Hub 15 SP3:freerdp-devel-2.1.2-150200.15.18.1
SUSE Linux Enterprise Module for Package Hub 15 SP3:freerdp-proxy-2.1.2-150200.15.18.1
SUSE Linux Enterprise Module for Package Hub 15 SP3:libfreerdp2-2.1.2-150200.15.18.1
Ссылки
- CVE-2021-41159
- SUSE Bug 1191895
Описание
unknown
Затронутые продукты
SUSE Linux Enterprise Module for Package Hub 15 SP3:freerdp-2.1.2-150200.15.18.1
SUSE Linux Enterprise Module for Package Hub 15 SP3:freerdp-devel-2.1.2-150200.15.18.1
SUSE Linux Enterprise Module for Package Hub 15 SP3:freerdp-proxy-2.1.2-150200.15.18.1
SUSE Linux Enterprise Module for Package Hub 15 SP3:libfreerdp2-2.1.2-150200.15.18.1
Ссылки
- CVE-2022-41160