Release Info

Advisory: CLSA-2024:1721206783

OS: CentOS 7 ELS

Public date: 2024-07-17 04:59:45

Project: freerdp

Version: 2.1.1-5.el7_9.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/centos7els/CLSA-2024-1721206783.html

Changelog

- CVE-2023-39352: add bound check in gdi_SolidFill
- CVE-2023-39353: check indices are within range
- CVE-2023-39356: fix checks for multi opaque rect
- CVE-2023-40181: fix cBitsRemaining calculation
- CVE-2023-40186: fix integer multiplications
- CVE-2023-40188: fix input length validation
- CVE-2023-40567: fix missing bounds checks
- CVE-2023-40569: fix missing destination checks
- CVE-2024-22211: check resolution for overflow
- CVE-2023-39351: free content of currentMessage on fail
- CVE-2023-39350: fix possible out of bound read
- CVE-2023-40589: properly verify all offsets while decoding data

Update

Update command: yum update freerdp*

Packages list

freerdp-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
freerdp-devel-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
freerdp-devel-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
freerdp-libs-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
freerdp-libs-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
libwinpr-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
libwinpr-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els1.i686.rpm
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els1.x86_64.rpm

CVEs

CVE-2023-40567
CVE-2023-40186
CVE-2023-40188
CVE-2023-39353
CVE-2023-39350
CVE-2023-39356
CVE-2023-40181
CVE-2023-39351
CVE-2023-40569
CVE-2024-22211
CVE-2023-39352
CVE-2023-40589