[Git][security-tracker-team/security-tracker][master] Add CVE-2022-2488{2,3}/freerdp2

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 27 08:31:14 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48491567 by Salvatore Bonaccorso at 2022-04-27T09:30:37+02:00
Add CVE-2022-2488{2,3}/freerdp2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13631,9 +13631,15 @@ CVE-2022-24885
 CVE-2022-24884
 	RESERVED
 CVE-2022-24883 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qxm3-v2r6-vmwf
+	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/4661492e5a617199457c8074bad22f766a116cdc
+	NOTE: Fixed by (backport): https://github.com/FreeRDP/FreeRDP/commit/6f473b273a4b6f0cb6aca32b95e22fd0de88e144
 CVE-2022-24882 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6x5p-gp49-3jhh
+	NOTE: https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/95
+	NOTE: Pull request for stable 2.0 branch: https://github.com/FreeRDP/FreeRDP/pull/7750
 CVE-2022-24881 (Ballcat Codegen provides the function of online editing code to genera ...)
 	TODO: check
 CVE-2022-24880 (flask-session-captcha is a package which allows users to extend Flask  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4849156704142379ac1a6e4caf575a4364c319b9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4849156704142379ac1a6e4caf575a4364c319b9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220427/96f81ae4/attachment.htm>


More information about the debian-security-tracker-commits mailing list