File _patchinfo of Package patchinfo.27685

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.27685

<patchinfo incident="27685">
  <issue tracker="bnc" id="1205512">VUL-0: CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347: freerdp: Multiple client side input validation issues</issue>
  <issue tracker="cve" id="2022-39320"/>
  <issue tracker="cve" id="2022-39317"/>
  <issue tracker="cve" id="2022-39347"/>
  <issue tracker="cve" id="2022-41877"/>
  <issue tracker="cve" id="2022-39316"/>
  <packager>yudaike</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for freerdp</summary>
  <description>This update for freerdp fixes the following issues:

- CVE-2022-39316: Fixed out of bound read in zgfx decoder (bsc#1205512).
- CVE-2022-39317: Fixed undefined behaviour in zgfx decoder (bsc#1205512).
- CVE-2022-39320: Fixed heap buffer overflow in urbdrc channel (bsc#1205512).
- CVE-2022-39347: Fixed missing path sanitation with drive channel (bsc#1205512).
- CVE-2022-41877: Fixed missing input length validation in drive channel (bsc#1205512).
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.27685

Places