{
  "schema_version": "1.6.2",
  "id": "MGASA-2020-0297",
  "published": "2020-07-31T23:25:42Z",
  "modified": "2020-07-31T22:41:03Z",
  "summary": "Updated freerdp/remmina packages fix security vulnerability",
  "details": "It was discovered that FreeRDP incorrectly handled certain memory\noperations. A remote attacker could use this issue to cause FreeRDP to\ncrash, resulting in a denial of service, or possibly exeucte arbitrary\ncode.\n\nThe freerdp package has been updated to version 2.1.2 to fix these issues.\n\nAlso, the remmina package has been updated to version 1.4.7 for\ncompatibility with the updated freerdp.\n",
  "related": [
    "CVE-2020-4030",
    "CVE-2020-4031",
    "CVE-2020-4032",
    "CVE-2020-4033",
    "CVE-2020-11017",
    "CVE-2020-11018",
    "CVE-2020-11019",
    "CVE-2020-11038",
    "CVE-2020-11039",
    "CVE-2020-11040",
    "CVE-2020-11041",
    "CVE-2020-11042",
    "CVE-2020-11043",
    "CVE-2020-11044",
    "CVE-2020-11045",
    "CVE-2020-11046",
    "CVE-2020-11047",
    "CVE-2020-11048",
    "CVE-2020-11049",
    "CVE-2020-11058",
    "CVE-2020-11085",
    "CVE-2020-11086",
    "CVE-2020-11087",
    "CVE-2020-11088",
    "CVE-2020-11089",
    "CVE-2020-11095",
    "CVE-2020-11096",
    "CVE-2020-11097",
    "CVE-2020-11098",
    "CVE-2020-11099",
    "CVE-2020-11521",
    "CVE-2020-11522",
    "CVE-2020-11523",
    "CVE-2020-11524",
    "CVE-2020-11525",
    "CVE-2020-11526",
    "CVE-2020-13396",
    "CVE-2020-13397",
    "CVE-2020-13398"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2020-0297.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=26699"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fjr5-97f5-qq98"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rhj-856w-82p8"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8cvc-vcw7-6mfw"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wvrr-2f4r-hjvh"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h25x-cqr6-fp6g"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mx9p-f6q8-mqwq"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x4wq-m7c9-rjgr"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w67c-26c4-2h9w"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9jp6-5vf2-cx2q"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgqh-p732-6x2w"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3x39-248q-f4q6"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9fw6-m2q8-h5pw"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hx48-wmmm-mr5q"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hv8w-f2hx-5gcv"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wwh7-r2r8-xjpr"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wjg2-2f82-466g"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2j4w-v45m-95hf"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-fg8v-w34r-c974"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xh4f-fh87-43hp"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-hfc7-c5gv-8c2h"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mjw7-3mq2-996x"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jr57-f58x-hjmv"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5cwc-6wc9-255w"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-48wx-7vgj-fffh"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4qrh-8cp8-4x42"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgw8-3mp2-p5qw"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjg"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-97jw-m5w5-xvf9"
    },
    {
      "type": "REPORT",
      "url": "https://gitlab.com/Remmina/Remmina/-/releases#v1.4.7"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/notices/USN-4379-1"
    },
    {
      "type": "REPORT",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IGSY4CEBOH6TVJLIW53YL7YDGHY3RMPU/"
    },
    {
      "type": "REPORT",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/6RTM4HR3PBFF5X7XHCOS5MIHPKSDEYCX/"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:7",
        "name": "freerdp",
        "purl": "pkg:rpm/mageia/freerdp?arch=source&distro=mageia-7"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.1.2-1.mga7"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:7",
        "name": "remmina",
        "purl": "pkg:rpm/mageia/remmina?arch=source&distro=mageia-7"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.7-1.mga7"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}