[Git][security-tracker-team/security-tracker][master] Add some more FreeRDP issues

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e54d5d2 by Salvatore Bonaccorso at 2020-06-23T09:31:49+02:00
Add some more FreeRDP issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10574,16 +10574,31 @@ CVE-2016-11024 (odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection.
 	NOT-FOR-US: odata4j
 CVE-2016-11023 (odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE ...)
 	NOT-FOR-US: odata4j
-CVE-2020-11099
+CVE-2020-11099 [OOB Read in license_read_new_or_upgrade_license_packet]
 	RESERVED
-CVE-2020-11098
+	- freerdp2 <unfixed>
+	- freerdp <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h
+CVE-2020-11098 [Out-of-bound read in glyph_cache_put]
 	RESERVED
-CVE-2020-11097
+	- freerdp2 <unfixed>
+	- freerdp <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv
+CVE-2020-11097 [ OOB read in ntlm_av_pair_get]
 	RESERVED
-CVE-2020-11096
+	- freerdp2 <unfixed>
+	- freerdp <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f
+CVE-2020-11096 [Global OOB read in update_read_cache_bitmap_v3_order]
 	RESERVED
-CVE-2020-11095
+	- freerdp2 <unfixed>
+	- freerdp <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x
+CVE-2020-11095 [Global OOB read in update_recv_primary_order]
 	RESERVED
+	- freerdp2 <unfixed>
+	- freerdp <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2
 CVE-2020-11094 (The October CMS debugbar plugin before version 3.1.0 contains a featur ...)
 	NOT-FOR-US: October CMS
 CVE-2020-11093



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e54d5d235601a0739485ded9a8d7e0f438554a0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e54d5d235601a0739485ded9a8d7e0f438554a0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200623/a2040124/attachment.html>