UbuntuUpdates.org

Package "libfreerdp-shadow2-2"

Name: libfreerdp-shadow2-2

Description:

FreeRDP Remote Desktop Protocol shadow libraries

Latest version: 2.2.0+dfsg1-0ubuntu0.20.04.6
Release: focal (20.04)
Level: security
Repository: main
Head package: freerdp2
Homepage: http://www.freerdp.com/

Other versions of "libfreerdp-shadow2-2" in Focal

Repository  Area  Version
base        main  2.0.0~git20190204.1.2693389a+dfsg1-2build2
updates     main  2.2.0+dfsg1-0ubuntu0.20.04.6

Changelog

Version: 2.2.0+dfsg1-0ubuntu0.20.04.6 2023-11-29 14:06:52 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.20.04.6) focal-security; urgency=medium

  * SECURITY UPDATE: missing input length validation in drive channel
    - debian/patches/CVE-2022-41877.patch: fixed missing stream length
      check in channels/drive/client/drive_main.c.
    - CVE-2022-41877
  * SECURITY UPDATE: OOB write via invalid offset validation
    - debian/patches/CVE-2023-39352.patch: add bound check in gdi_SolidFill
      in libfreerdp/gdi/gfx.c.
    - CVE-2023-39352
  * SECURITY UPDATE: OOB read via missing offset validation
    - debian/patches/CVE-2023-39356-1.patch: fix checks for multi opaque
      rect in libfreerdp/core/orders.c.
    - debian/patches/CVE-2023-39356-2.patch: fix reading order number field
      in libfreerdp/core/orders.c.
    - CVE-2023-39356

 -- Marc Deslauriers <email address hidden> Mon, 27 Nov 2023 12:45:36 -0500

CVE-2022-41877 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in `drive` channel. A

Version: 2.2.0+dfsg1-0ubuntu0.20.04.5 2023-10-04 10:11:17 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.20.04.5) focal-security; urgency=medium

  * SECURITY UPDATE: integer underflow
    - debian/patches/CVE-2023-39350.patch: validates package length to prevent
      possible out of bound read
    - CVE-2023-39350
  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2023-39351.patch: frees content of currentMessage on
      fail to prevent null pointer access when processing next package
    - CVE-2023-39351
  * SECURITY UPDATE: missing offset validation
    - debian/patches/CVE-2023-39353-01.patch: validates offset to prevent
      possible out of bound read
    - debian/patches/CVE-2023-39353-02.patch: fixes issues with the original
      patch
    - CVE-2023-39353
  * SECURITY UPDATE: missing input validation
    - debian/patches/add_winpr_assert.h.patch: backports <winpr/assert.h>
      required by CVE-2023-39354.patch
    - debian/patches/format_string_for_Stream_CheckAndLogRequiredLength.patch:
      backports functionality required by CVE-2023-39354.patch
    - debian/patches/CVE-2023-39354.patch: validates input length to prevent
      possible out of bound read
    - CVE-2023-39354
  * SECURITY UPDATE: integer underflow
    - debian/patches/CVE-2023-40181.patch: fixes cBitsRemaining calculation to
      prevent possible out of bound read
    - CVE-2023-40181
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-40186.patch: fixes integer multiplication to
      prevent possible out of bound write
    - CVE-2023-40186
  * SECURITY UPDATE: missing input validation
    - debian/patches/ensure_integer_width.patch: ensures integer width
    - debian/patches/CVE-2023-40188.patch: validates input length to prevent
      possible out of bound read
    - CVE-2023-40188
  * SECURITY UPDATE: missing offset validation
    - debian/patches/CVE-2023-40567.patch: validates offset to prevent
      possible out of bound write
    - CVE-2023-40567
  * SECURITY UPDATE: incorrect parameter calculation
    - debian/patches/CVE-2023-40569.patch: fixes nXSrc and nYSrc calculation
      to prevent possible out of bound write
    - CVE-2023-40569
  * SECURITY UPDATE: global buffer overflow
    - debian/patches/CVE-2023-40589.patch: fixes index checks
    - CVE-2023-40589

 -- Jorge Sancho Larraz <email address hidden> Tue, 03 Oct 2023 18:04:10 +0200

CVE-2023-39351 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions of FreeRDP are subject to
CVE-2023-39353 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to a missing
CVE-2023-39354 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-
CVE-2023-40181 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer
CVE-2023-40186 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer
CVE-2023-40188 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-
CVE-2023-40567 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-
CVE-2023-40569 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-
CVE-2023-40589 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions there is a Global-Buff

Version: 2.2.0+dfsg1-0ubuntu0.20.04.4 2022-11-22 18:07:16 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.20.04.4) focal-security; urgency=medium

  * SECURITY UPDATE: out of bounds read via parallel driver
    - debian/patches/CVE-2022-39282.patch: fix length checks in parallel
      driver in channels/parallel/client/parallel_main.c.
    - CVE-2022-39282
  * SECURITY UPDATE: out of bounds read via video channel
    - debian/patches/CVE-2022-39283.patch: fixed missing length check in
      video channel in channels/video/client/video_main.c.
    - CVE-2022-39283
  * SECURITY UPDATE: out of bounds reads in ZGFX decoder component
    - debian/patches/CVE-2022-39316_7.patch: added missing length checks in
      zgfx_decompress_segment in libfreerdp/codec/zgfx.c.
    - CVE-2022-39316
    - CVE-2022-39317
  * SECURITY UPDATE: missing input validation in urbdrc
    - debian/patches/CVE-2022-39318.patch: fixed division by zero in urbdrc
      in channels/urbdrc/client/libusb/libusb_udevice.c.
    - CVE-2022-39318
  * SECURITY UPDATE: missing input length validation in urbdrc
    - debian/patches/CVE-2022-39319-1.patch: fixed missing input buffer
      length check in urbdrc in channels/urbdrc/client/data_transfer.c.
    - debian/patches/CVE-2022-39319-2.patch: added missing length check in
      urb_control_transfer in channels/urbdrc/client/data_transfer.c.
    - CVE-2022-39319
  * SECURITY UPDATE: out of bounds read in usb
    - debian/patches/CVE-2022-39320.patch: ensure urb_create_iocompletion
      uses size_t for calculation in
      channels/urbdrc/client/data_transfer.c.
    - CVE-2022-39320
  * SECURITY UPDATE: missing path canonicalization and base path check
    for drive channel
    - debian/patches/CVE-2022-39347-1.patch: added function _wcsncmp in
      winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-2.patch: fix wcs*cmp and wcs*len checks
      in winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-3.patch: added wcsstr implementation in
      winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-4.patch: fixed path validation in drive
      channel in channels/drive/client/drive_file.c,
      channels/drive/client/drive_file.h,
      channels/drive/client/drive_main.c.
    - CVE-2022-39347

 -- Marc Deslauriers <email address hidden> Mon, 21 Nov 2022 11:15:20 -0500

CVE-2022-39282 FreeRDP is a free remote desktop protocol library and clients. FreeRDP based clients on unix systems using `/parallel` command line switch might read
CVE-2022-39283 FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read unini
CVE-2022-39316 FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRD
CVE-2022-39317 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX
CVE-2022-39318 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malic
CVE-2022-39319 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the `urbdrc` chann
CVE-2022-39320 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP may attempt integer addition on too narrow types leads to
CVE-2022-39347 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for

Version: 2.2.0+dfsg1-0ubuntu0.20.04.3 2022-06-06 18:06:26 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.20.04.3) focal-security; urgency=medium

  * SECURITY UPDATE: authentication bypass via empty password values
    - debian/patches/CVE-2022-24882.patch: fix return code confusion in
      winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.*,
      winpr/libwinpr/sspi/NTLM/ntlm_compute.*,
      winpr/libwinpr/sspi/NTLM/ntlm_message.c.
    - CVE-2022-24882
  * SECURITY UPDATE: authentication bypass via incorrect SAM file path
    - debian/patches/CVE-2022-24883.patch: clean up ntlm_fetch_ntlm_v2_hash
      in winpr/libwinpr/sspi/NTLM/ntlm_compute.c.
    - CVE-2022-24883

 -- Marc Deslauriers <email address hidden> Mon, 06 Jun 2022 09:17:24 -0400

CVE-2022-24882 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not prop
CVE-2022-24883 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might

Version: 2.2.0+dfsg1-0ubuntu0.20.04.2 2021-11-23 16:07:12 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: OOB Write
    - debian/patches/CVE-2021-41159-and-41160.patch: add checks
      in multiple files and added checks for bitmap
      width and height values in order to avoid out
      of bounds write in
      libfreerdp/core/gateway/ncacn_http.c,
      libfreerdp/core/gateway/rdg.c,
      libfreerdp/core/gateway/rpc.c,
      libfreerdp/core/gateway/rpc.h,
      libfreerdp/core/gateway/rpc_bind.c,
      libfreerdp/core/gateway/rpc_bind.h,
      libfreerdp/core/gateway/rpc_client.c,
      libfreerdp/core/gateway/rpc_client.h,
      libfreerdp/core/gateway/rpc_fault.c,
      libfreerdp/core/gateway/rts.c,
      libfreerdp/core/gateway/rts.h,
      libfreerdp/core/gateway/rts_signature.c,
      libfreerdp/core/gateway/rts_signature.h,
      libfreerdp/core/gateway/tsg.c,
      libfreerdp/core/orders.c,
      libfreerdp/core/surface.c,
      libfreerdp/core/update.c.
    - CVE-2021-41159
    - CVE-2021-41160

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 08 Nov 2021 15:22:20 -0300

CVE-2021-41159 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1
CVE-2021-41160 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server mig