Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8b5a98e8 by Salvatore Bonaccorso at 2020-06-29T21:56:58+02:00 Several frerdp2 issues fixed via unstable upload - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -11462,31 +11462,31 @@ CVE-2016-11024 (odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. CVE-2016-11023 (odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE ...) NOT-FOR-US: odata4j CVE-2020-11099 (In FreeRDP before version 2.1.2, there is an out of bounds read in lic ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h CVE-2020-11098 (In FreeRDP before version 2.1.2, there is an out-of-bound read in glyp ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv CVE-2020-11097 (In FreeRDP before version 2.1.2, an out of bounds read occurs resultin ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f CVE-2020-11096 (In FreeRDP before version 2.1.2, there is a global OOB read in update_ ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x CVE-2020-11095 (In FreeRDP before version 2.1.2, an out of bound reads occurs resultin ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) @@ -28901,25 +28901,25 @@ CVE-2020-4035 (In WatermelonDB (NPM package "@nozbe/watermelondb") before versio CVE-2020-4034 RESERVED CVE-2020-4033 (In FreeRDP before version 2.1.2, there is an out of bounds read in RLE ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8 CVE-2020-4032 (In FreeRDP before version 2.1.2, there is an integer casting vulnerabi ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc CVE-2020-4031 (In FreeRDP before version 2.1.2, there is a use-after-free in gdi_Sele ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g CVE-2020-4030 (In FreeRDP before version 2.1.2, there is an out of bounds read in Tri ...) - - freerdp2 <unfixed> + - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> [stretch] - freerdp <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b5a98e86041791f85a8df5633ef09a5bd896324 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b5a98e86041791f85a8df5633ef09a5bd896324 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits