[Git][security-tracker-team/security-tracker][master] Add four new freerdp issues
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 23 08:29:48 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
33c6a995 by Salvatore Bonaccorso at 2020-06-23T09:29:13+02:00
Add four new freerdp issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27922,14 +27922,26 @@ CVE-2020-4035 (In WatermelonDB (NPM package "@nozbe/watermelondb") before versio
TODO: check
CVE-2020-4034
RESERVED
-CVE-2020-4033
+CVE-2020-4033 [OOB Read in RLEDECOMPRESS]
RESERVED
-CVE-2020-4032
+ - freerdp2 <unfixed>
+ - freerdp <removed>
+ NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8
+CVE-2020-4032 [Integer casting vulnerability in `update_recv_secondary_order`]
RESERVED
-CVE-2020-4031
+ - freerdp2 <unfixed>
+ - freerdp <removed>
+ NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc
+CVE-2020-4031 [Use-After-Free in gdi_SelectObject]
RESERVED
-CVE-2020-4030
+ - freerdp2 <unfixed>
+ - freerdp <removed>
+ NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g
+CVE-2020-4030 [OOB read in `TrioParse`]
RESERVED
+ - freerdp2 <unfixed>
+ - freerdp <removed>
+ NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98
CVE-2020-4029
RESERVED
CVE-2020-4028
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33c6a99515fcbda4d79c57304641f225cdbb950f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33c6a99515fcbda4d79c57304641f225cdbb950f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200623/4a8a40e8/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list