|
|
Log in / Subscribe / Register

Debian alert DLA-1095-1 (freerdp)



From:
    	      Markus Koschany <apo@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 1095-1] freerdp security update 


Date:
    	      Mon, 11 Sep 2017 07:29:13 +0200


Message-ID:
    	      <50e5bb7c-1390-f279-6e34-ba5aa405ce43@debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : freerdp
Version        : 1.0.1-1.1+deb7u4
CVE ID         : CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838
                 CVE-2017-2839
Debian Bug     : 869880

Tyler Bohan of Talos discovered that FreeRDP, a free implementation of
the Remote Desktop Protocol (RDP), contained several vulnerabilities
that allowed a malicious remote server or a man-in-the-middle to
either cause a DoS by forcibly terminating the client, or execute
arbitrary code on the client side.

For Debian 7 "Wheezy", these problems have been fixed in version
1.0.1-1.1+deb7u4.

We recommend that you upgrade your freerdp packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlm2HyhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeQFCBAAwHKShLz7HhNQcU6jtqWn5zREPQh8VJBIuc+MSamsxcW20NwwTPaLQmMt
W5OJJw9xc5LiQyuY3IcVAiLvm1mTTHqPxK58jJ9oYVHRwYeyTbLv6LRCVeivdw00
Hjqt+LXw0UcRx/mBRaw+3mS4Cs2agqs5/1PP1v/Retg9+DEMFKojE6uMKQuQO8EM
pINSvr094IRX3PyHu9O5sA6Up+EShkNLq3aqV7roYd+i4BmXdUp8jThQkevMfSYc
tTxbMKyJCZOWUCZJlfNEYyLcQOjYHPtPD/aR5kbe+CYqod5bDp29Tgub5DWTVmfY
kv9UxlMi3tZ/td4EzEMYTIMWp6RnJS3zebyYUe2ypZbfVaUao5H/bZv30y0N5/Gz
GNZo+6rBSioRi9GCo/Lp50ft+nPeAmKgCK22Wrr8AOKqAMLH9X2Nx3wx4Q7c9ODA
Sm1ExHdA54NpK0JXyDj/S3UJ3H8FlkS8W3/MB3RarUNTAjXnuk7HJNjpAVHVTWET
5qPSiU1p5Yk4WgZiaMM1R0yoTXrQohGwU3nI0FR9fsy+wZoqf237AFjX+jWoD2kE
m1qShxeuJscP7tKOiTPiCm+urpPtPFuQMVURDYlaNyzRhxfR/fdTSKyNaGG6RUnc
XeyiFK1skhVMK0HUyS+fOXroe79d8EQr85cXvfu17LX+m0Wm2k0=
=QBxJ
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds