[Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-40187/freerdp2

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Sep 10 20:43:40 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d355c29 by Salvatore Bonaccorso at 2023-09-10T21:43:02+02:00
Update information for CVE-2023-40187/freerdp2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1443,8 +1443,10 @@ CVE-2023-40188 (FreeRDP is a free implementation of the Remote Desktop Protocol
 	- freerdp2 <unfixed>
 	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9w28-wwj5-p4xq
 CVE-2023-40187 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
-	- freerdp2 <unfixed>
+	- freerdp2 <not-affected> (Vulnerable code introduced in 3.0.0-beta1)
 	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-pwf9-v5p9-ch4f
+	NOTE: Introduced by: https://github.com/FreeRDP/FreeRDP/commit/f34679397024a67ce6d568aad9ede19a8858b6f3 (3.0.0-beta1)
+	NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/ab31e8ba6ab3b4dd0183929cfb00bd5e797c402c (3.0.0-beta3)
 CVE-2023-40186 (FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), ...)
 	- freerdp2 <unfixed>
 	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hcj4-3c3r-5j3v



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d355c298b2c50858fe15a843633449372f10c54

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d355c298b2c50858fe15a843633449372f10c54
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230910/1a2753fe/attachment.htm>


More information about the debian-security-tracker-commits mailing list