Security update for freerdp
This update for freerdp fixes the following issues:
- CVE-2017-2834: Out-of-bounds write in license_recv() (bsc#1050714)
- CVE-2017-2835: Out-of-bounds write in rdp_recv_tpkt_pdu (bsc#1050712)
- CVE-2017-2836: Rdp Client Read Server Proprietary Certificate Denial of Service (bsc#1050699)
- CVE-2017-2837: Client GCC Read Server Security Data DoS (bsc#1050704)
- CVE-2017-2838: Client License Read Product Info Denial of Service Vulnerability (bsc#1050708)
- CVE-2017-2839: Client License Read Challenge Packet Denial of Service (bsc#1050711)
This update was imported from the SUSE:SLE-12-SP2:Update update project.
-
Submitted by
Felix Zhang (zhangxiaofei)
Fixed bugs
bnc#1050704
VUL-0: CVE-2017-2837: freerdp: Client GCC Read Server Security Data DoS (TALOS-2017-0339)
bnc#1050714
VUL-0: CVE-2017-2834: freerdp: Out-of-bounds write in license_recv()
bnc#1050712
VUL-0: CVE-2017-2835: freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu
bnc#1050711
VUL-0: CVE-2017-2839: freerdp: Client License Read Challenge Packet Denial of Service
bnc#1050699
VUL-0: CVE-2017-2836: freerdp: FreeRDP Rdp Client Read Server Proprietary Certificate Denial of Service Vulnerability (TALOS-2017-0338)
bnc#1050708
VUL-0: CVE-2017-2838: freerdp: Client License Read Product Info Denial of Service Vulnerability
