File _patchinfo of Package patchinfo.42841

<patchinfo incident="42841">
  <!--generated  with prepare-update from request 401876-->
  <issue tracker="bnc" id="1256721">VUL-0: CVE-2026-22855: freerdp,freerdp2: Heap-buffer-overflow in smartcard_unpack_set_attrib_call</issue>
  <issue tracker="bnc" id="1256723">VUL-0: CVE-2026-22857: freerdp,freerdp2: Heap-use-after-free in irp_thread_func</issue>
  <issue tracker="bnc" id="1256943">VUL-0: CVE-2026-23533: freerdp,freerdp2: improper validation can lead to heap buffer overflow in `clear_decompress_residual_data`</issue>
  <issue tracker="bnc" id="1256945">VUL-0: CVE-2026-23732: freerdp,freerdp2: improper validation can lead to heap buffer overflow in `Glyph_Alloc`</issue>
  <issue tracker="bnc" id="1256947">VUL-0: CVE-2026-23884: freerdp,freerdp2: use-after-free in `gdi_set_bounds`</issue>
  <issue tracker="bnc" id="1257981">VUL-0: CVE-2026-24491: freerdp,freerdp2: Heap-use-after-free in video_timer</issue>
  <issue tracker="bnc" id="1257982">VUL-0: CVE-2026-24675: freerdp,freerdp2: Heap-use-after-free in urb_select_interface</issue>
  <issue tracker="bnc" id="1257983">VUL-0: CVE-2026-24676: freerdp,freerdp2: Heap-use-after-free in audio_format_compatible</issue>
  <issue tracker="bnc" id="1257986">VUL-0: CVE-2026-24679: freerdp,freerdp2: Heap-buffer-overflow in urb_select_interface</issue>
  <issue tracker="bnc" id="1257989">VUL-0: CVE-2026-24682: freerdp,freerdp2: Heap-buffer-overflow in audio_formats_free</issue>
  <issue tracker="bnc" id="1257991">VUL-0: CVE-2026-24684: freerdp,freerdp2: Heap-use-after-free in play_thread</issue>
  <issue tracker="cve" id="2026-22855"/>
  <issue tracker="cve" id="2026-22857"/>
  <issue tracker="cve" id="2026-23533"/>
  <issue tracker="cve" id="2026-23732"/>
  <issue tracker="cve" id="2026-23884"/>
  <issue tracker="cve" id="2026-24491"/>
  <issue tracker="cve" id="2026-24675"/>
  <issue tracker="cve" id="2026-24676"/>
  <issue tracker="cve" id="2026-24679"/>
  <issue tracker="cve" id="2026-24682"/>
  <issue tracker="cve" id="2026-24684"/>
  <category>security</category>
  <rating>important</rating>
  <packager>mgorse</packager>
  <summary>Security update for freerdp</summary>
  <description>This update for freerdp fixes the following issues:

- CVE-2026-22855: heap-buffer-overflow in smartcard_unpack_set_attrib_call (bsc#1256721).
- CVE-2026-22857: heap-use-after-free in irp_thread_func (bsc#1256723).
- CVE-2026-23533: improper validation can lead to heap buffer overflow in `clear_decompress_residual_data`
  (bsc#1256943).
- CVE-2026-23732: improper validation can lead to heap buffer overflow in `Glyph_Alloc` (bsc#1256945).
- CVE-2026-23884: use-after-free in `gdi_set_bounds` (bsc#1256947).
- CVE-2026-24491: heap-use-after-free in video_timer (bsc#1257981).
- CVE-2026-24675: heap-use-after-free in urb_select_interface (bsc#1257982).
- CVE-2026-24676: heap-use-after-free in audio_format_compatible (bsc#1257983).
- CVE-2026-24679: heap-buffer-overflow in urb_select_interface (bsc#1257986).
- CVE-2026-24682: heap-buffer-overflow in audio_formats_free (bsc#1257989).
- CVE-2026-24684: heap-use-after-free in play_thread (bsc#1257991).
</description>
</patchinfo>