[Git][security-tracker-team/security-tracker][master] Add one new freerdp3 issue

Sat May 30 20:44:07 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff5e8007 by Salvatore Bonaccorso at 2026-05-30T21:43:30+02:00
Add one new freerdp3 issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5334,7 +5334,10 @@ CVE-2026-40383 (An improper validation of user-supplied input leads to a local f
 CVE-2026-40034 (gix-submodule before 0.29.0 (gitoxide before 0.5.21, gix before 0.84.0 ...)
 	TODO: check
 CVE-2026-40033 (FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in ...)
-	TODO: check
+	- freerdp3 3.26.0+dfsg-1
+	- freerdp2 <removed>
+	NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p6r2-4hgm-m6ff
+	TODO: unclear fixing commit references, incorrect reference in CVE entry?
 CVE-2026-3660 (IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could all ...)
 	NOT-FOR-US: IBM
 CVE-2026-3603 (IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Int ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff5e800708e46ca53987be5e4e74e5c26cb7b72b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff5e800708e46ca53987be5e4e74e5c26cb7b72b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260530/16b1456c/attachment.htm>
