Debian Bug report logs -
#869880
CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 27 Jul 2017 11:24:04 UTC
Severity: grave
Tags: fixed-upstream, security, upstream
Found in version freerdp/1.1.0~git20140921.1.440916e+dfsg1-4
Fixed in versions freerdp/1.1.0~git20140921.1.440916e+dfsg1-14, freerdp/1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1
Done: Mike Gabriel <sunweaver@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>:
Bug#869880; Package src:freerdp.
(Thu, 27 Jul 2017 11:24:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>.
(Thu, 27 Jul 2017 11:24:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: freerdp
Severity: grave
Tags: security
Hi,
please see:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336
Fix is here:
https://github.com/FreeRDP/FreeRDP/pull/4055/commits/8292b4558f0684065ce1f58db7783cc426099223
Cheers,
Moritz
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>:
Bug#869880; Package src:freerdp.
(Thu, 27 Jul 2017 11:54:08 GMT) (full text, mbox, link).
Acknowledgement sent
to bernhard.miklautz@shacknet.at:
Extra info received and forwarded to list. Copy sent to Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>.
(Thu, 27 Jul 2017 11:54:08 GMT) (full text, mbox, link).
Message #10 received at submit@bugs.debian.org (full text, mbox, reply):
Hi,
On Thu, Jul 27, 2017 at 01:21:58PM +0200, Moritz Muehlenhoff wrote:
> Source: freerdp
> Severity: grave
> Tags: security
>
> Hi,
> please see:
> https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0341
> https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0340
> https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0339
> https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0338
> https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0337
> https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0336
>
> Fix is here:
> https://github.com/FreeRDP/FreeRDP/pull/4055/commits/8292b4558f0684065ce1f58db7783cc426099223
This fix is for master. I'm working on a back port of it for 1.1 right
now and will prepare a patch.
Best regards,
Bernhard
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>:
Bug#869880; Package src:freerdp.
(Thu, 27 Jul 2017 11:54:12 GMT) (full text, mbox, link).
Acknowledgement sent
to bernhard.miklautz@shacknet.at:
Extra info received and forwarded to list. Copy sent to Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>.
(Thu, 27 Jul 2017 11:54:12 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>:
Bug#869880; Package src:freerdp.
(Thu, 27 Jul 2017 13:09:07 GMT) (full text, mbox, link).
Acknowledgement sent
to bernhard.miklautz@shacknet.at:
Extra info received and forwarded to list. Copy sent to Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>.
(Thu, 27 Jul 2017 13:09:07 GMT) (full text, mbox, link).
Message #20 received at 869880@bugs.debian.org (full text, mbox, reply):
We fixed it upstream on branch stable-1.1 as well now:
https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c
Here is an updated version of the freerdp package with the patch
included:
https://github.com/bmiklautz/FreeRDP-debian/commit/68c33cec893630a6b6abbce82956739854158dca
Best regards,
Bernhard
Marked as found in versions freerdp/1.1.0~git20140921.1.440916e+dfsg1-4.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Thu, 27 Jul 2017 19:15:03 GMT) (full text, mbox, link).
Added tag(s) fixed-upstream and upstream.
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Thu, 27 Jul 2017 19:15:03 GMT) (full text, mbox, link).
Added tag(s) pending.
Request was from Bernhard Miklautz <bernhard.miklautz@thincast.com>
to control@bugs.debian.org.
(Thu, 27 Jul 2017 21:54:03 GMT) (full text, mbox, link).
Message sent on
to Moritz Muehlenhoff <jmm@debian.org>:
Bug#869880.
(Thu, 27 Jul 2017 21:54:09 GMT) (full text, mbox, link).
Message #29 received at 869880-submitter@bugs.debian.org (full text, mbox, reply):
tag 869880 pending
thanks
Hello,
Bug #869880 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:
https://anonscm.debian.org/cgit/pkg-remote/freerdp.git/commit/?id=68c33ce
---
commit 68c33cec893630a6b6abbce82956739854158dca
Author: Bernhard Miklautz <bernhard.miklautz@thincast.com>
Date: Thu Jul 27 14:16:23 2017 +0200
add 0008-Fix-multiple-security-issues.patch
This adds a fix for:
* CVE-2017-2834
* CVE-2017-2835
* CVE-2017-2836
* CVE-2017-2837
* CVE-2017-2838
* CVE-2017-2839
Closes: #869880
diff --git a/debian/changelog b/debian/changelog
index 6570976..f34579c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+freerdp (1.1.0~git20140921.1.440916e+dfsg1-14) UNRELEASED; urgency=high
+
+ [ Bernhard Miklautz ]
+ * debian/patches
+ + Add fix for CVE-2017-2834, CVE-2017-2835, CVE-2017-2836,
+ CVE-2017-2837, CVE-2017-2838, CVE-2017-2839 (Closes: #869880)
+
+ -- Bernhard Miklautz <bernhard.miklautz@shacknet.at> Thu, 27 Jul 2017 13:47:59 +0200
+
freerdp (1.1.0~git20140921.1.440916e+dfsg1-13) unstable; urgency=medium
[ James Clarke ]
Reply sent
to Mike Gabriel <sunweaver@debian.org>:
You have taken responsibility.
(Thu, 27 Jul 2017 22:09:06 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Thu, 27 Jul 2017 22:09:06 GMT) (full text, mbox, link).
Message #34 received at 869880-close@bugs.debian.org (full text, mbox, reply):
Source: freerdp
Source-Version: 1.1.0~git20140921.1.440916e+dfsg1-14
We believe that the bug you reported is fixed in the latest version of
freerdp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 869880@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mike Gabriel <sunweaver@debian.org> (supplier of updated freerdp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 27 Jul 2017 23:03:30 +0200
Source: freerdp
Binary: freerdp-x11 libfreerdp-cache1.1 libfreerdp-client1.1 libfreerdp-codec1.1 libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 libfreerdp-locale1.1 libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-asn1-0.1 libwinpr-bcrypt0.1 libwinpr-credentials0.1 libwinpr-credui0.1 libwinpr-crt0.1 libwinpr-crypto0.1 libwinpr-dsparse0.1 libwinpr-environment0.1 libwinpr-error0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 libwinpr-interlocked0.1 libwinpr-io0.1 libwinpr-library0.1 libwinpr-path0.1 libwinpr-pipe0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 libwinpr-sspi0.1 libwinpr-sspicli0.1 libwinpr-synch0.1 libwinpr-sysinfo0.1 libwinpr-thread0.1 libwinpr-timezone0.1 libwinpr-utils0.1 libwinpr-winhttp0.1 libwinpr-winsock0.1 libxfreerdp-client1.1 libfreerdp-plugins-standard libfreerdp-dev libwinpr-dev
Architecture: source
Version: 1.1.0~git20140921.1.440916e+dfsg1-14
Distribution: unstable
Urgency: high
Maintainer: Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Description:
freerdp-x11 - RDP client for Windows Terminal Services (X11 client)
libfreerdp-cache1.1 - Free Remote Desktop Protocol library (cache library)
libfreerdp-client1.1 - Free Remote Desktop Protocol library (client library)
libfreerdp-codec1.1 - Free Remote Desktop Protocol library (codec library)
libfreerdp-common1.1.0 - Free Remote Desktop Protocol library (common library)
libfreerdp-core1.1 - Free Remote Desktop Protocol library (core library)
libfreerdp-crypto1.1 - Free Remote Desktop Protocol library (freerdp-crypto library)
libfreerdp-dev - Free Remote Desktop Protocol library (development files)
libfreerdp-gdi1.1 - Free Remote Desktop Protocol library (GDI library)
libfreerdp-locale1.1 - Free Remote Desktop Protocol library (locale library)
libfreerdp-plugins-standard - RDP client for Windows Terminal Services (plugins)
libfreerdp-primitives1.1 - Free Remote Desktop Protocol library (primitives library)
libfreerdp-rail1.1 - Free Remote Desktop Protocol library (rail library)
libfreerdp-utils1.1 - Free Remote Desktop Protocol library (freerdp-utils library)
libwinpr-asn1-0.1 - Windows Portable Runtime library (ASN1 library)
libwinpr-bcrypt0.1 - Windows Portable Runtime library (bcrypt library)
libwinpr-credentials0.1 - Windows Portable Runtime library (credentials library)
libwinpr-credui0.1 - Windows Portable Runtime library (credeui library)
libwinpr-crt0.1 - Windows Portable Runtime library (crt library)
libwinpr-crypto0.1 - Windows Portable Runtime library (crypto library)
libwinpr-dev - Windows Portable Runtime library (development files)
libwinpr-dsparse0.1 - Windows Portable Runtime library (dsparse library)
libwinpr-environment0.1 - Windows Portable Runtime library (environment library)
libwinpr-error0.1 - Windows Portable Runtime library (error library)
libwinpr-file0.1 - Windows Portable Runtime library (file library)
libwinpr-handle0.1 - Windows Portable Runtime library (handle library)
libwinpr-heap0.1 - Windows Portable Runtime library (heap library)
libwinpr-input0.1 - Windows Portable Runtime library (input library)
libwinpr-interlocked0.1 - Windows Portable Runtime library (interlocked library)
libwinpr-io0.1 - Windows Portable Runtime library (io library)
libwinpr-library0.1 - Windows Portable Runtime library (library)
libwinpr-path0.1 - Windows Portable Runtime library (path library)
libwinpr-pipe0.1 - Windows Portable Runtime library (pipe library)
libwinpr-pool0.1 - Windows Portable Runtime library (pool library)
libwinpr-registry0.1 - Windows Portable Runtime library (registry library)
libwinpr-rpc0.1 - Windows Portable Runtime library (RPC library)
libwinpr-sspi0.1 - Windows Portable Runtime library (sspi library)
libwinpr-sspicli0.1 - Windows Portable Runtime library (sspicli library)
libwinpr-synch0.1 - Windows Portable Runtime library (synch library)
libwinpr-sysinfo0.1 - Windows Portable Runtime library (sysinfo library)
libwinpr-thread0.1 - Windows Portable Runtime library (thread library)
libwinpr-timezone0.1 - Windows Portable Runtime library (timezone library)
libwinpr-utils0.1 - Windows Portable Runtime library (utils library)
libwinpr-winhttp0.1 - Windows Portable Runtime library (winhttp library)
libwinpr-winsock0.1 - Windows Portable Runtime library (winsock library)
libxfreerdp-client1.1 - Free Remote Desktop Protocol library (xfreerdp-client library)
Closes: 869880
Changes:
freerdp (1.1.0~git20140921.1.440916e+dfsg1-14) unstable; urgency=high
.
[ Bernhard Miklautz ]
* debian/patches:
+ Add fix for CVE-2017-2834, CVE-2017-2835, CVE-2017-2836,
CVE-2017-2837, CVE-2017-2838, CVE-2017-2839. (Closes: #869880).
.
[ Mike Gabriel ]
* debian/{control,rules}:
+ Drop manually maintained dbg:packages. Create dbgsym:packages
automatically.
* debian/control:
+ Bump Standards-Version: to 4.0.0. No changes needed.
Checksums-Sha1:
397b4da916838395d9947719401aa286212db416 5630 freerdp_1.1.0~git20140921.1.440916e+dfsg1-14.dsc
5ed3e4cf7d088e20934089b3e309b4924a65d49c 57088 freerdp_1.1.0~git20140921.1.440916e+dfsg1-14.debian.tar.xz
a54e628e6b50095a18532e123997d580d2e333cc 12164 freerdp_1.1.0~git20140921.1.440916e+dfsg1-14_source.buildinfo
Checksums-Sha256:
553361bf6c403aabf2090fc1bc259cde8e3e50950c64edbb3aef7704c80534d7 5630 freerdp_1.1.0~git20140921.1.440916e+dfsg1-14.dsc
de367d9fbfd4cb5a07da63e000d82e42df5757922f6038cd887a16ab5d3b87b3 57088 freerdp_1.1.0~git20140921.1.440916e+dfsg1-14.debian.tar.xz
863b94e6d42ba9eccbb1694ccff4d56f7d64a3b20d9b9d17505376faace8ee98 12164 freerdp_1.1.0~git20140921.1.440916e+dfsg1-14_source.buildinfo
Files:
b7439abd74fe0e88b7c6bfd8598d5e8b 5630 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1-14.dsc
0434f7a38a034bac9b80fe9f205d0b0c 57088 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1-14.debian.tar.xz
7235fc1c980bc4bb8152358e448838e2 12164 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1-14_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAll6XR0VHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsx4iEQAKZKxAainU9qaxBlkxYIfUSBxHSo
U2i/lBhXlbtddfqF2ZbMHK287Ria9T5NY/Ykq4mBAThS7fuwnApJ1D9yYoOFmxEu
SIHdQXIMOfO/hiQ6IUPU565XBCFNl5EcoCPDxcZ3t26qmkqvNQbAPsjpVU2MMman
25uSirpjQ1NE2xYg66BiD8gBSAobvMVB5ZO0VA0ou8m4JshSCKopkE0qbFpOtUa+
sTV4ikvOSSwnLEjv9nbzNCsRpf7CaOvWTvQisXsB7ojoAKN7CUC8XqVYYLz7IZSw
RjHVnlALIDcnUsg2x+3q2Qrm1UWrIcXe0PYPHQ4ndVOG52nSUfKXFI0GhZ9Wq6yF
Q+254E7ZFvok3EnxRpt+WxCvlIGE48sC7DQzo5SPQii9p9orA0D0CLgm9+0QKwCi
zH4oyoJXHcagTIzMG2cSO9RIOkXJ0YP8qi//+8PwRCX7CRUbNklUlf5glDnJf/t1
T3Owq9OOG9z9j2pTPvCltIP6P1uKSNNQoezJbqNWwvfbDnF+4TVrkiWDaa+lUZCw
jQgOYuhAzSZbUMI8XISrxD8Z304GebXVgE+5isYPX2Kc7iFpUPRNneDt7TNUKapn
L2eWuANzJhvWz57LSAgopwTKxNKkbADRXABok35U9pQmRCH9npMDDeNTDI903Y6+
QFesl7yavG0glIGc
=VliT
-----END PGP SIGNATURE-----
Reply sent
to Mike Gabriel <sunweaver@debian.org>:
You have taken responsibility.
(Sat, 05 Aug 2017 19:51:27 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>:
Bug acknowledged by developer.
(Sat, 05 Aug 2017 19:51:27 GMT) (full text, mbox, link).
Message #39 received at 869880-close@bugs.debian.org (full text, mbox, reply):
Source: freerdp
Source-Version: 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1
We believe that the bug you reported is fixed in the latest version of
freerdp, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 869880@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mike Gabriel <sunweaver@debian.org> (supplier of updated freerdp package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 27 Jul 2017 23:53:25 +0200
Source: freerdp
Binary: freerdp-x11 libfreerdp-cache1.1 libfreerdp-client1.1 libfreerdp-codec1.1 libfreerdp-common1.1.0 libfreerdp-core1.1 libfreerdp-crypto1.1 libfreerdp-gdi1.1 libfreerdp-locale1.1 libfreerdp-primitives1.1 libfreerdp-rail1.1 libfreerdp-utils1.1 libwinpr-asn1-0.1 libwinpr-bcrypt0.1 libwinpr-credentials0.1 libwinpr-credui0.1 libwinpr-crt0.1 libwinpr-crypto0.1 libwinpr-dsparse0.1 libwinpr-environment0.1 libwinpr-error0.1 libwinpr-file0.1 libwinpr-handle0.1 libwinpr-heap0.1 libwinpr-input0.1 libwinpr-interlocked0.1 libwinpr-io0.1 libwinpr-library0.1 libwinpr-path0.1 libwinpr-pipe0.1 libwinpr-pool0.1 libwinpr-registry0.1 libwinpr-rpc0.1 libwinpr-sspi0.1 libwinpr-sspicli0.1 libwinpr-synch0.1 libwinpr-sysinfo0.1 libwinpr-thread0.1 libwinpr-timezone0.1 libwinpr-utils0.1 libwinpr-winhttp0.1 libwinpr-winsock0.1 libxfreerdp-client1.1 libfreerdp-plugins-standard libfreerdp-dev libwinpr-dev freerdp-x11-dbg libxfreerdp-client-dbg libfreerdp-dbg libwinpr-dbg
libfreerdp-plugins-standard-dbg
Architecture: source
Version: 1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: Debian Remote Maintainers <pkg-remote-team@lists.alioth.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Description:
freerdp-x11 - RDP client for Windows Terminal Services (X11 client)
freerdp-x11-dbg - RDP client for Windows Terminal Services (X11 client, debug symbo
libfreerdp-cache1.1 - Free Remote Desktop Protocol library (cache library)
libfreerdp-client1.1 - Free Remote Desktop Protocol library (client library)
libfreerdp-codec1.1 - Free Remote Desktop Protocol library (codec library)
libfreerdp-common1.1.0 - Free Remote Desktop Protocol library (common library)
libfreerdp-core1.1 - Free Remote Desktop Protocol library (core library)
libfreerdp-crypto1.1 - Free Remote Desktop Protocol library (freerdp-crypto library)
libfreerdp-dbg - Free Remote Desktop Protocol library (debug symbols)
libfreerdp-dev - Free Remote Desktop Protocol library (development files)
libfreerdp-gdi1.1 - Free Remote Desktop Protocol library (GDI library)
libfreerdp-locale1.1 - Free Remote Desktop Protocol library (locale library)
libfreerdp-plugins-standard - RDP client for Windows Terminal Services (plugins)
libfreerdp-plugins-standard-dbg - RDP client for Windows Terminal Services (plugins debug)
libfreerdp-primitives1.1 - Free Remote Desktop Protocol library (primitives library)
libfreerdp-rail1.1 - Free Remote Desktop Protocol library (rail library)
libfreerdp-utils1.1 - Free Remote Desktop Protocol library (freerdp-utils library)
libwinpr-asn1-0.1 - Windows Portable Runtime library (ASN1 library)
libwinpr-bcrypt0.1 - Windows Portable Runtime library (bcrypt library)
libwinpr-credentials0.1 - Windows Portable Runtime library (credentials library)
libwinpr-credui0.1 - Windows Portable Runtime library (credeui library)
libwinpr-crt0.1 - Windows Portable Runtime library (crt library)
libwinpr-crypto0.1 - Windows Portable Runtime library (crypto library)
libwinpr-dbg - Windows Portable Runtime library (debug symbols)
libwinpr-dev - Windows Portable Runtime library (development files)
libwinpr-dsparse0.1 - Windows Portable Runtime library (dsparse library)
libwinpr-environment0.1 - Windows Portable Runtime library (environment library)
libwinpr-error0.1 - Windows Portable Runtime library (error library)
libwinpr-file0.1 - Windows Portable Runtime library (file library)
libwinpr-handle0.1 - Windows Portable Runtime library (handle library)
libwinpr-heap0.1 - Windows Portable Runtime library (heap library)
libwinpr-input0.1 - Windows Portable Runtime library (input library)
libwinpr-interlocked0.1 - Windows Portable Runtime library (interlocked library)
libwinpr-io0.1 - Windows Portable Runtime library (io library)
libwinpr-library0.1 - Windows Portable Runtime library (library)
libwinpr-path0.1 - Windows Portable Runtime library (path library)
libwinpr-pipe0.1 - Windows Portable Runtime library (pipe library)
libwinpr-pool0.1 - Windows Portable Runtime library (pool library)
libwinpr-registry0.1 - Windows Portable Runtime library (registry library)
libwinpr-rpc0.1 - Windows Portable Runtime library (RPC library)
libwinpr-sspi0.1 - Windows Portable Runtime library (sspi library)
libwinpr-sspicli0.1 - Windows Portable Runtime library (sspicli library)
libwinpr-synch0.1 - Windows Portable Runtime library (synch library)
libwinpr-sysinfo0.1 - Windows Portable Runtime library (sysinfo library)
libwinpr-thread0.1 - Windows Portable Runtime library (thread library)
libwinpr-timezone0.1 - Windows Portable Runtime library (timezone library)
libwinpr-utils0.1 - Windows Portable Runtime library (utils library)
libwinpr-winhttp0.1 - Windows Portable Runtime library (winhttp library)
libwinpr-winsock0.1 - Windows Portable Runtime library (winsock library)
libxfreerdp-client-dbg - RDP client for Windows Terminal Services (xfreerdp-client debug s
libxfreerdp-client1.1 - Free Remote Desktop Protocol library (xfreerdp-client library)
Closes: 869880
Changes:
freerdp (1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1) stretch-security; urgency=high
.
[ Bernhard Miklautz ]
* debian/patches:
+ Add fix for CVE-2017-2834, CVE-2017-2835, CVE-2017-2836,
CVE-2017-2837, CVE-2017-2838, CVE-2017-2839 (Closes: #869880)
Checksums-Sha1:
173c5f83dfd0e90a863b54478ee8464d3cdf74cc 5993 freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1.dsc
5e5b371e68e42aa665f93049f95237517ac5238f 2699372 freerdp_1.1.0~git20140921.1.440916e+dfsg1.orig.tar.xz
cc7a1fefcba34a35ac5eeadc8ad30d444892e90f 57272 freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1.debian.tar.xz
a3b855fd2af71de15f77ba572c70d0c96052fd19 12292 freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1_source.buildinfo
Checksums-Sha256:
9874565855ccd5c79e7ddc7dd2487cd00c09fc1955985ca6c876fffdb343b457 5993 freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1.dsc
7bd635fd0ece5c938f30f54b3cb22bdecddaf54be3ee7065f019bbef00ab83d8 2699372 freerdp_1.1.0~git20140921.1.440916e+dfsg1.orig.tar.xz
ca82c2490c384e1361de512db728a70a3343e55bac30bf3556ac68ba21f98719 57272 freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1.debian.tar.xz
85aba402ee3de7ea2fe0ec7e0e188bb0cc59e6e8ea7dd588b62156554f820dbd 12292 freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1_source.buildinfo
Files:
b779e0b97fb8a344f0815fb06c6d5c72 5993 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1.dsc
b37fd56cfd3093f861a7aab37e9fa78c 2699372 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1.orig.tar.xz
d94391cfcdbb1dcaacfc47f20f4f1489 57272 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1.debian.tar.xz
20ae069fefabe9d6d09baf9e25967a0f 12292 x11 optional freerdp_1.1.0~git20140921.1.440916e+dfsg1-13+deb9u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAll6/oYVHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxi1kQAKd3SsKyyRk/+ibVYRPReMJuZTle
NldZ4SA/psLk6UoMwItlK0l/0B63xwNXsnuJ3jAzux8RsB5Yorb9E17E2p9ivMWo
6luTiq0vyzT8C9iwuNngEQ4IuqQzoMeLMHjsma2OgXLk+b8zWb6w4a7x5aJhn6FW
fJCuyKE9h4V0cgEd3f652K7SqZDzQVfXmXjqJdex0SsSnwpjlF8Tt41Y7++pYHB9
OyUxhjcit5beQ0glDDOW8XQERLFRbdE0078j85DN0pSIKFbswzIlgdY6OVqiz7k7
M8wwr7xHufHI0qX6x6S9on8eOv0Cq4uoQBy/XhSdUuQvbduEVrT/o+3pOlSlRq+E
8mffftWCApmG8p2Sg0vrBRscecrmfqhA+6xI8kcem+4bHVA0JZ0MDJWQzNkUoxLO
V2GpXqU0GIuZwaIp8Pib9EZTBAV8UyfhTT7qmbWWvCI/NOgi68Bk9gisTqLIaruT
7BV/96LVStRFJ5aCl/z9gUnHa7K1+GKP4d9xL81dSk1x/qYzJfkxlYvoWmtdTAht
z3rDz//aZOGH6BfLr5RRQBruPrCtfaDfj9CsKfogtV2uPzIlDL/P5CtN6dWQm5uE
pYsWdZHbPd9hUfR39bUc3HxhX0u5jPaaFsSWeqs7uN2xnPK2WAWrUN5Yg+vHrcWj
jjxxn1hHpYT7SFTE
=cUNh
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 08 Oct 2017 07:32:24 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:26:44 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon