[Git][security-tracker-team/security-tracker][master] Reference upstream commit for various rdesktop issues

Salvatore Bonaccorso carnil at debian.org
Tue Jan 8 05:44:31 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ec72932c by Salvatore Bonaccorso at 2019-01-08T05:43:07Z
Reference upstream commit for various rdesktop issues

Unfortunately all changes for the various issues are collected in one
single commit, but will apply at least as set to 1.8.3 itself.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5941,22 +5941,31 @@ CVE-2018-20183
 	RESERVED
 CVE-2018-20182 [Remote code execution in seamless_process_line()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20181 [Remote code execution in seamless_process()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20180 [Remote code execution in rdpsnddbg_process()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20179 [Remote code execution in lspci_process()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20178 [DoS in process_demand_active()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20177 [Memory corruption in rdp_in_unistr()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20176 [DoS in sec_parse_crypt_info() and in sec_recv()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20175 [DoS in mcs_recv_connect_response() and in mcs_parse_domain_params()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20174 [Major information leak in ui_clip_handle_data()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-20173 (Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via ...)
 	NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2018-20346 (SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an ...)
@@ -42230,24 +42239,34 @@ CVE-2018-8801 (GitLab Community and Enterprise Editions version 8.3 up to 10.x b
 	NOTE: https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/
 CVE-2018-8800 [Remote code execution in ui_clip_handle_data()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8799 [DoS in process_secondary_order()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8798 [Minor information leak in rdpsnd_process_ping()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8797 [Remote code execution in process_plane()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8796 [DoS in process_bitmap_data()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8795 [Remote code execution in process_bitmap_data()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8794 [Memory corruption in process_bitmap_data()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8793 [Remote code execution in cssp_read_tsrequest()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8792 [DoS in cssp_read_tsrequest()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8791 [Minor information leak in rdpdr_process()]
 	- rdesktop 1.8.4-1
+	NOTE: https://github.com/rdesktop/rdesktop/commit/766ebcf6f23ccfe8323ac10242ae6e127d4505d2 (v1.8.4)
 CVE-2018-8790
 	RESERVED
 CVE-2018-8789 (FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec72932c6eae00b1663ab6277cab606c41a7b89e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ec72932c6eae00b1663ab6277cab606c41a7b89e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190108/71d29520/attachment.html>

More information about the debian-security-tracker-commits mailing list