Advisories ยป MGASA-2022-0437

Updated freerdp packages fix security vulnerability

Publication date: 24 Nov 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-39282 , CVE-2022-39283

Description

FreeRDP based clients on unix systems using `/parallel` command line
switch might read uninitialized data and send it to the server the client
is currently connected to. (CVE-2022-39282)

All FreeRDP based clients when using the `/video` command line switch
might read uninitialized data, decode it as audio/video and display the
result. (CVE-2022-39283)
                

References

SRPMS

8/core