[Git][security-tracker-team/security-tracker][master] Add new FreeRDP issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Apr 21 20:35:14 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d1d4daa5 by Salvatore Bonaccorso at 2024-04-21T21:34:39+02:00
Add new FreeRDP issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2024-32041 [OutOfBound Read in zgfx_decompress_segment]
+	- freerdp3 <not-affected> (Fixed with initial upload to Debian unstable)
+	- freerdp2 <unfixed>
+	NOTE: https://www.freerdp.com/2024/04/17/2_11_6-release
+CVE-2024-32039 [Integer overflow & OutOfBound Write in clear_decompress_residual_data]
+	- freerdp3 <not-affected> (Fixed with initial upload to Debian unstable)
+	- freerdp2 <unfixed>
+	NOTE: https://www.freerdp.com/2024/04/17/2_11_6-release
+CVE-2024-32040 [integer underflow in nsc_rle_decode]
+	- freerdp3 <not-affected> (Fixed with initial upload to Debian unstable)
+	- freerdp2 <unfixed>
+	NOTE: https://www.freerdp.com/2024/04/17/2_11_6-release
+CVE-2024-32458 [OutOfBound Read in planar_skip_plane_rle]
+	- freerdp3 <not-affected> (Fixed with initial upload to Debian unstable)
+	- freerdp2 <unfixed>
+	NOTE: https://www.freerdp.com/2024/04/17/2_11_6-release
+CVE-2024-32459 [OutOfBound Read in ncrush_decompress]
+	- freerdp3 <not-affected> (Fixed with initial upload to Debian unstable)
+	- freerdp2 <unfixed>
+	NOTE: https://www.freerdp.com/2024/04/17/2_11_6-release
+CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress]
+	- freerdp3 <not-affected> (Fixed with initial upload to Debian unstable)
+	- freerdp2 <unfixed>
+	NOTE: https://www.freerdp.com/2024/04/17/2_11_6-release
 CVE-2024-32493 [SQL injection issue regarding Form IDs when cleaning up drafts]
 	- znuny 6.5.8-1
 	NOTE: https://www.znuny.org/en/advisories/zsa-2024-03



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1d4daa56ffac507e8478a5dbe7d61c29cbff368

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1d4daa56ffac507e8478a5dbe7d61c29cbff368
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240421/89410b4e/attachment.htm>

More information about the debian-security-tracker-commits mailing list