USN-4379-1: FreeRDP vulnerabilities
1 June 2020
Several security issues were fixed in FreeRDP.
Releases
Packages
- freerdp2 - RDP client for Windows Terminal Services
Details
It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly exeucte arbitrary
code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 20.04
-
libfreerdp-client2-2
-
2.1.1+dfsg1-0ubuntu0.20.04.1
-
libfreerdp-server2-2
-
2.1.1+dfsg1-0ubuntu0.20.04.1
-
libfreerdp2-2
-
2.1.1+dfsg1-0ubuntu0.20.04.1
Ubuntu 19.10
-
libfreerdp-client2-2
-
2.1.1+dfsg1-0ubuntu0.19.10.1
-
libfreerdp-server2-2
-
2.1.1+dfsg1-0ubuntu0.19.10.1
-
libfreerdp2-2
-
2.1.1+dfsg1-0ubuntu0.19.10.1
Ubuntu 18.04
-
libfreerdp-client2-2
-
2.1.1+dfsg1-0ubuntu0.18.04.1
-
libfreerdp-server2-2
-
2.1.1+dfsg1-0ubuntu0.18.04.1
-
libfreerdp2-2
-
2.1.1+dfsg1-0ubuntu0.18.04.1
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
Related notices
- USN-4382-1: libwinpr-crt0.1, libfreerdp-primitives1.1, libwinpr-library0.1, libwinpr-rpc0.1, libwinpr-winhttp0.1, libwinpr-dev, libwinpr-asn1-0.1, libwinpr-credui0.1, libwinpr-file0.1, libfreerdp-codec1.1, libfreerdp-common1.1.0, libwinpr-environment0.1, freerdp, libfreerdp-cache1.1, libwinpr-synch0.1, libwinpr-timezone0.1, libfreerdp-plugins-standard, libfreerdp-dev, libwinpr-pipe0.1, libfreerdp-gdi1.1, libwinpr-thread0.1, libwinpr-sspicli0.1, libwinpr-crypto0.1, libwinpr-sysinfo0.1, libwinpr-handle0.1, libwinpr-winsock0.1, libwinpr-credentials0.1, libfreerdp-client1.1, freerdp-x11, libfreerdp-utils1.1, libwinpr-heap0.1, libfreerdp-locale1.1, libxfreerdp-client1.1, libwinpr-path0.1, libfreerdp-rail1.1, libwinpr-dsparse0.1, libwinpr-input0.1, libwinpr-utils0.1, libfreerdp-core1.1, libwinpr-bcrypt0.1, libwinpr-registry0.1, libwinpr-sspi0.1, libwinpr-interlocked0.1, libwinpr-pool0.1, libwinpr-io0.1, libfreerdp-crypto1.1, libwinpr-error0.1
- USN-4382-2: libwinpr-crt0.1, libfreerdp-primitives1.1, libwinpr-library0.1, libwinpr-rpc0.1, libwinpr-winhttp0.1, libwinpr-dev, libwinpr-asn1-0.1, libwinpr-credui0.1, libwinpr-file0.1, libfreerdp-codec1.1, libfreerdp-common1.1.0, libwinpr-environment0.1, freerdp, libfreerdp-cache1.1, libwinpr-synch0.1, libwinpr-timezone0.1, libfreerdp-plugins-standard, libfreerdp-dev, libwinpr-pipe0.1, libfreerdp-gdi1.1, libwinpr-thread0.1, libwinpr-sspicli0.1, libwinpr-crypto0.1, libwinpr-sysinfo0.1, libwinpr-handle0.1, libwinpr-winsock0.1, libwinpr-credentials0.1, libfreerdp-client1.1, freerdp-x11, libfreerdp-utils1.1, libwinpr-heap0.1, libfreerdp-locale1.1, libxfreerdp-client1.1, libwinpr-path0.1, libfreerdp-rail1.1, libwinpr-dsparse0.1, libwinpr-input0.1, libwinpr-utils0.1, libfreerdp-core1.1, libwinpr-bcrypt0.1, libwinpr-registry0.1, libwinpr-sspi0.1, libwinpr-interlocked0.1, libwinpr-pool0.1, libwinpr-io0.1, libfreerdp-crypto1.1, libwinpr-error0.1