[Git][security-tracker-team/security-tracker][master] Add new freerdp2 issues

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c38d0d65 by Salvatore Bonaccorso at 2023-09-01T00:02:16+02:00
Add new freerdp2 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57,15 +57,24 @@ CVE-2023-41044 (Graylog is a free and open log management platform. A partial pa
 CVE-2023-41034 (Eclipse Leshan is a device management server and client Java implement ...)
 	TODO: check
 CVE-2023-40589 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gc34-mw6m-g42x
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/16141a30f983dd6f7a6e5b0356084171942c9416
 CVE-2023-39355 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hvwj-vmg6-2f5h
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/d6f9d33a7db0b346195b6a15b5b99944ba41beee
 CVE-2023-39354 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c3r2-pxxp-f8r6
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/cd1da25a87358eb3b5512fd259310e95b19a05ec
 CVE-2023-39351 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q9x9-cqjc-rgwq
 CVE-2023-39350 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
-	TODO: check
+	- freerdp2 <unfixed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrrv-3w42-pffh
+	NOTE: https://github.com/FreeRDP/FreeRDP/commit/e204fc8be5a372626b13f66daf2abafe71dbc2dc
 CVE-2023-34392 (A Missing Authentication for Critical Function vulnerability in the Sc ...)
 	NOT-FOR-US: Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator
 CVE-2023-34391 (Insecure Inherited Permissions vulnerability in Schweitzer Engineering ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c38d0d655019e5d1948ece3488c8b109cee5f7ca

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c38d0d655019e5d1948ece3488c8b109cee5f7ca
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230831/99217110/attachment.htm>