On Mon, Dec 10, 2018 at 05:44:51PM +0000, Mike Gabriel wrote:
> Hi,
>
> I'd like to discuss the possible pathways for getting FreeRDP fixed in
> Debian jessie LTS (and Debian stretch, too).
debian-security@ldo is not the proper contact address, I've fixed
the recipient list.
> Last week I talked to Bernhard Miklautz (one of the FreeRDP upsteam
> maintainers and the actual packager of FreeRDPv2 in Debian).
>
> 1. Looking at fixing FreeRDP v1.1 in jessie / stretch
> -----------------------------------------------------
>
> He sketched up the following pathway for getting freerdp (v1.1) fixed in
> Debian jessie (and stretch):
What is the impact/scope of the individual issues? The individual commit
messages are quite scarce. Are these exploitable by the server or
a connecting client or vice versa?
Cheers,
Moritz
