[Git][security-tracker-team/security-tracker][master] "new" freerdp issue

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c994e840 by Moritz Muehlenhoff at 2020-09-09T23:21:58+02:00
"new" freerdp issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -67016,7 +67016,14 @@ CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or appending
 CVE-2019-17179 (4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5 ...)
 	NOT-FOR-US: OpenEMR
 CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ...)
-	TODO: check
+	- freerdp2 2.1.1+dfsg1-1
+	[buster] - freerdp2 <no-dsa> (Minor issue)
+	- freerdp <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/issues/5645
+	NOTE: https://github.com/akallabeth/FreeRDP/commit/fc80ab45621bd966f70594c0b7393ec005a94007
+	NOTE: Multiple source packages embed a copy of lodepng (openscad, tbb, mame, passage,
+	NOTE: quakespasm, simbody, paraview, dart, drumgizmo, doxygen, love, libtcod, f
+	NOTE: cubicsdr, nestopia, refind, zopfli, montage), but don't seem security-relevant
 CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0 ...)
 	- freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-2 (low)
 	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c994e84089a6808af9798df8d56468d6db91a66d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c994e84089a6808af9798df8d56468d6db91a66d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200909/1cc55b0d/attachment.html>