Updated freerdp/remmina packages fix security vulnerability
Publication date: 31 Jul 2020Modification date: 31 Jul 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-4030 , CVE-2020-4031 , CVE-2020-4032 , CVE-2020-4033 , CVE-2020-11017 , CVE-2020-11018 , CVE-2020-11019 , CVE-2020-11038 , CVE-2020-11039 , CVE-2020-11040 , CVE-2020-11041 , CVE-2020-11042 , CVE-2020-11043 , CVE-2020-11044 , CVE-2020-11045 , CVE-2020-11046 , CVE-2020-11047 , CVE-2020-11048 , CVE-2020-11049 , CVE-2020-11058 , CVE-2020-11085 , CVE-2020-11086 , CVE-2020-11087 , CVE-2020-11088 , CVE-2020-11089 , CVE-2020-11095 , CVE-2020-11096 , CVE-2020-11097 , CVE-2020-11098 , CVE-2020-11099 , CVE-2020-11521 , CVE-2020-11522 , CVE-2020-11523 , CVE-2020-11524 , CVE-2020-11525 , CVE-2020-11526 , CVE-2020-13396 , CVE-2020-13397 , CVE-2020-13398
Description
It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly exeucte arbitrary
code.
The freerdp package has been updated to version 2.1.2 to fix these issues.
Also, the remmina package has been updated to version 1.4.7 for
compatibility with the updated freerdp.
References
- https://bugs.mageia.org/show_bug.cgi?id=26699
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8cvc-vcw7-6mfw
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wvrr-2f4r-hjvh
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h25x-cqr6-fp6g
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mx9p-f6q8-mqwq
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x4wq-m7c9-rjgr
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w67c-26c4-2h9w
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9jp6-5vf2-cx2q
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgqh-p732-6x2w
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3x39-248q-f4q6
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9fw6-m2q8-h5pw
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hx48-wmmm-mr5q
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hv8w-f2hx-5gcv
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wwh7-r2r8-xjpr
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wjg2-2f82-466g
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2j4w-v45m-95hf
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fg8v-w34r-c974
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xh4f-fh87-43hp
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hfc7-c5gv-8c2h
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5cwc-6wc9-255w
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-48wx-7vgj-fffh
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4qrh-8cp8-4x42
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgw8-3mp2-p5qw
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjg
- https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-97jw-m5w5-xvf9
- https://gitlab.com/Remmina/Remmina/-/releases#v1.4.7
- https://ubuntu.com/security/notices/USN-4379-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IGSY4CEBOH6TVJLIW53YL7YDGHY3RMPU/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6RTM4HR3PBFF5X7XHCOS5MIHPKSDEYCX/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4030
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4031
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4032
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-4033
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11017
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11018
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11019
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11038
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11039
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11040
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11041
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11042
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11043
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11044
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11045
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11046
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11047
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11048
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11049
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11058
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11085
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11086
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11087
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11088
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11089
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11095
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11096
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11097
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11098
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11099
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11521
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11522
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11523
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11524
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11525
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11526
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13396
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13397
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13398
SRPMS
7/core
- freerdp-2.1.2-1.mga7
- remmina-1.4.7-1.mga7