Sicherheit: Mehrere Probleme in FreeRDP

Lesezeichen hinzufügen

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============1332604810979844265==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="4O3kOYE6MMyUqYYl8LiEEvwIyOpDhYdT6"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--4O3kOYE6MMyUqYYl8LiEEvwIyOpDhYdT6
Content-Type: multipart/mixed;
boundary="chWfV13MfSsyyp4Sgc72ZB9wlwyXO87aW"

--chWfV13MfSsyyp4Sgc72ZB9wlwyXO87aW
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-4481-1
September 01, 2020

freerdp2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in FreeRDP.

Software Description:
- freerdp2: RDP client for Windows Terminal Services

Details:

It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
libfreerdp-client2-2 2.2.0+dfsg1-0ubuntu0.20.04.1
libfreerdp-server2-2 2.2.0+dfsg1-0ubuntu0.20.04.1
libfreerdp2-2 2.2.0+dfsg1-0ubuntu0.20.04.1

Ubuntu 18.04 LTS:
libfreerdp-client2-2 2.2.0+dfsg1-0ubuntu0.18.04.1
libfreerdp-server2-2 2.2.0+dfsg1-0ubuntu0.18.04.1
libfreerdp2-2 2.2.0+dfsg1-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/4481-1
CVE-2020-11095, CVE-2020-11096, CVE-2020-11097, CVE-2020-11098,
CVE-2020-11099, CVE-2020-15103, CVE-2020-4030, CVE-2020-4031,
CVE-2020-4032, CVE-2020-4033

Package Information:
https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.18.04.1

--chWfV13MfSsyyp4Sgc72ZB9wlwyXO87aW--

--4O3kOYE6MMyUqYYl8LiEEvwIyOpDhYdT6
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl9OWroACgkQZWnYVadE
vpOe3Q/+NaKc5xPlRoXLgBSnESzZYgDFuHQZJMe27dZXhJiACi/P2ZCFp2dopZc5
3dRyYvbMo3oGvdCrWv1lr4/2tLfSxn4BiVWEhmydwOaytsjdg7oTX4z3T8sh+wLR
7zyQJ9WgHDK4pAvV32736Krp9G/bPfRzqXstxTFUy8a6b6wt2ZkM2SvvqLjlIAQd
Q3lLji0beGYbFrPgxNltSwLTcfzFoLgeDZWo3H7XwgcTZffEbu+iUcKvBBqHTm9d
2aj/w06ea6cKxA/NWHpwGVL8YULXGHdXVpfrCD8tyYqLfm86dyGLi7Vp0MEumPa5
YlC1fTV+vzAImut3ofqRMizCCkTj9xaiQExN74cpd8dvkgs4J7TIu+fOnnztehCT
AGktijKvrFOC+M8J/Yk43Cb5savivAB74/U5VFtF4f4tNtlg0VZfYPUYNWh5yUb1
Yaa4KBRJbJGJ67D1Zis2k5SvGZjIJeQf0noX0SaKaowxq/4PB4anrrocrVnvn+fI
1JhkM7aKd/Q6x4f6p+o2hILeSSGC8p39iUXV9Edn7e9yJOfyuuyxtul+/ozg7K8m
Pbs6GjtsUNWXaMjOoglRGgG2gq/HHpHR3eJ2F1q3/Qu/JgJy8nn5/BYx7pN8LIHW
EfsSu8EEnDKg3eeE7P8a+LiAw4ZV87CvGzwx89tMlTum+gpfPnw=
=n4+Z
-----END PGP SIGNATURE-----

--4O3kOYE6MMyUqYYl8LiEEvwIyOpDhYdT6--

--===============1332604810979844265==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK

--===============1332604810979844265==--