Updated freerdp packages fix security vulnerability
Publication date: 17 Dec 2022Type: security
Affected Mageia releases : 8
CVE: CVE-2022-41877
Description
Affected versions of FreeRDP are missing input length validation in 'drive' channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. (CVE-2022-41877)
References
SRPMS
8/core
- freerdp-2.2.0-1.5.mga8