Overview

File _patchinfo of Package patchinfo.7165

<patchinfo incident="7165">
  <issue id="1050704" tracker="bnc">VUL-0: CVE-2017-2837: freerdp: Client GCC Read Server Security Data DoS (TALOS-2017-0339)</issue>
  <issue id="1050714" tracker="bnc">VUL-0: CVE-2017-2834: freerdp: Out-of-bounds write in license_recv()</issue>
  <issue id="1050712" tracker="bnc">VUL-0: CVE-2017-2835: freerdp: Out-of-bounds write in rdp_recv_tpkt_pdu</issue>
  <issue id="1050711" tracker="bnc">VUL-0: CVE-2017-2839: freerdp: Client License Read Challenge Packet Denial of Service</issue>
  <issue id="1050699" tracker="bnc">VUL-0: CVE-2017-2836: freerdp: FreeRDP Rdp Client Read Server Proprietary Certificate Denial of Service Vulnerability (TALOS-2017-0338)</issue>
  <issue id="1050708" tracker="bnc">VUL-0: CVE-2017-2838: freerdp: Client License Read Product Info Denial of Service Vulnerability</issue>
  <issue id="2017-2835" tracker="cve" />
  <issue id="2017-2834" tracker="cve" />
  <issue id="2017-2837" tracker="cve" />
  <issue id="2017-2836" tracker="cve" />
  <issue id="2017-2839" tracker="cve" />
  <issue id="2017-2838" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>zhangxiaofei</packager>
  <description>This update for freerdp fixes the following issues:

- CVE-2017-2834: Out-of-bounds write in license_recv() (bsc#1050714)
- CVE-2017-2835: Out-of-bounds write in rdp_recv_tpkt_pdu (bsc#1050712)
- CVE-2017-2836: Rdp Client Read Server Proprietary Certificate Denial of Service (bsc#1050699)
- CVE-2017-2837: Client GCC Read Server Security Data DoS (bsc#1050704)
- CVE-2017-2838: Client License Read Product Info Denial of Service Vulnerability (bsc#1050708)
- CVE-2017-2839: Client License Read Challenge Packet Denial of Service (bsc#1050711)

This update was imported from the SUSE:SLE-12-SP2:Update update project.</description>
  <summary>Security update for freerdp</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places