[Git][security-tracker-team/security-tracker][master] Several frerdp2 issues fixed via unstable upload
Salvatore Bonaccorso
carnil at debian.org
Mon Jun 29 20:57:27 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8b5a98e8 by Salvatore Bonaccorso at 2020-06-29T21:56:58+02:00
Several frerdp2 issues fixed via unstable upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11462,31 +11462,31 @@ CVE-2016-11024 (odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection.
CVE-2016-11023 (odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE ...)
NOT-FOR-US: odata4j
CVE-2020-11099 (In FreeRDP before version 2.1.2, there is an out of bounds read in lic ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h
CVE-2020-11098 (In FreeRDP before version 2.1.2, there is an out-of-bound read in glyp ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv
CVE-2020-11097 (In FreeRDP before version 2.1.2, an out of bounds read occurs resultin ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f
CVE-2020-11096 (In FreeRDP before version 2.1.2, there is a global OOB read in update_ ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x
CVE-2020-11095 (In FreeRDP before version 2.1.2, an out of bound reads occurs resultin ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
@@ -28901,25 +28901,25 @@ CVE-2020-4035 (In WatermelonDB (NPM package "@nozbe/watermelondb") before versio
CVE-2020-4034
RESERVED
CVE-2020-4033 (In FreeRDP before version 2.1.2, there is an out of bounds read in RLE ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8
CVE-2020-4032 (In FreeRDP before version 2.1.2, there is an integer casting vulnerabi ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc
CVE-2020-4031 (In FreeRDP before version 2.1.2, there is a use-after-free in gdi_Sele ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g
CVE-2020-4030 (In FreeRDP before version 2.1.2, there is an out of bounds read in Tri ...)
- - freerdp2 <unfixed>
+ - freerdp2 2.1.2+dfsg1-1
[buster] - freerdp2 <no-dsa> (Minor issue)
- freerdp <removed>
[stretch] - freerdp <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b5a98e86041791f85a8df5633ef09a5bd896324
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b5a98e86041791f85a8df5633ef09a5bd896324
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200629/a928aa64/attachment.html>
More information about the debian-security-tracker-commits
mailing list