Описание
Security update for freerdp
This update for freerdp fixes the following issues:
- CVE-2019-17177: Fixed multiple memory leaks in libfreerdp/codec/region.c (bsc#1153163).
- CVE-2019-17178: Fixed a memory leak in HuffmanTree_makeFromFrequencies (bsc#1153164).
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Список пакетов
openSUSE Leap 15.1
freerdp-2.0.0~rc4-lp151.5.3.1
freerdp-devel-2.0.0~rc4-lp151.5.3.1
freerdp-server-2.0.0~rc4-lp151.5.3.1
freerdp-wayland-2.0.0~rc4-lp151.5.3.1
libfreerdp2-2.0.0~rc4-lp151.5.3.1
libuwac0-0-2.0.0~rc4-lp151.5.3.1
libwinpr2-2.0.0~rc4-lp151.5.3.1
uwac0-0-devel-2.0.0~rc4-lp151.5.3.1
winpr2-devel-2.0.0~rc4-lp151.5.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2608-1
- SUSE Security Ratings
- SUSE Bug 1153163
- SUSE Bug 1153164
- SUSE CVE CVE-2019-17177 page
- SUSE CVE CVE-2019-17178 page
Описание
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
Затронутые продукты
openSUSE Leap 15.1:freerdp-2.0.0~rc4-lp151.5.3.1
openSUSE Leap 15.1:freerdp-devel-2.0.0~rc4-lp151.5.3.1
openSUSE Leap 15.1:freerdp-server-2.0.0~rc4-lp151.5.3.1
openSUSE Leap 15.1:freerdp-wayland-2.0.0~rc4-lp151.5.3.1
Ссылки
- CVE-2019-17177
- SUSE Bug 1153163
Описание
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.
Затронутые продукты
openSUSE Leap 15.1:freerdp-2.0.0~rc4-lp151.5.3.1
openSUSE Leap 15.1:freerdp-devel-2.0.0~rc4-lp151.5.3.1
openSUSE Leap 15.1:freerdp-server-2.0.0~rc4-lp151.5.3.1
openSUSE Leap 15.1:freerdp-wayland-2.0.0~rc4-lp151.5.3.1
Ссылки
- CVE-2019-17178
- SUSE Bug 1153164