File _patchinfo of Package patchinfo.27685
<patchinfo incident="27685">
<issue tracker="bnc" id="1205512">VUL-0: CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347: freerdp: Multiple client side input validation issues</issue>
<issue tracker="cve" id="2022-39320"/>
<issue tracker="cve" id="2022-39317"/>
<issue tracker="cve" id="2022-39347"/>
<issue tracker="cve" id="2022-41877"/>
<issue tracker="cve" id="2022-39316"/>
<packager>yudaike</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for freerdp</summary>
<description>This update for freerdp fixes the following issues:
- CVE-2022-39316: Fixed out of bound read in zgfx decoder (bsc#1205512).
- CVE-2022-39317: Fixed undefined behaviour in zgfx decoder (bsc#1205512).
- CVE-2022-39320: Fixed heap buffer overflow in urbdrc channel (bsc#1205512).
- CVE-2022-39347: Fixed missing path sanitation with drive channel (bsc#1205512).
- CVE-2022-41877: Fixed missing input length validation in drive channel (bsc#1205512).
</description>
</patchinfo>