Your submission was sent successfully! Close

USN-4382-1: FreeRDP vulnerabilities

4 June 2020

Several security issues were fixed in FreeRDP.

Releases

Packages

  • freerdp - RDP client for Windows Terminal Services

Details

It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

In general, a standard system update will make all the necessary changes.

References

Related notices

  • USN-4379-1: libwinpr2-dev, libuwac0-0, freerdp2-dev, winpr-utils, libwinpr-tools2-2, libfreerdp-client2-2, freerdp2-x11, freerdp2-wayland, freerdp2-shadow-x11, libfreerdp-shadow2-2, libfreerdp-server2-2, libwinpr2-2, libfreerdp2-2, freerdp2, libfreerdp-shadow-subsystem2-2, libuwac0-dev
  • USN-4382-2: libwinpr-crt0.1, libwinpr-handle0.1, libwinpr-dsparse0.1, libwinpr-registry0.1, libfreerdp-rail1.1, libwinpr-heap0.1, libwinpr-pipe0.1, libfreerdp-common1.1.0, libwinpr-dev, libwinpr-io0.1, libwinpr-utils0.1, libwinpr-file0.1, libfreerdp-locale1.1, libwinpr-bcrypt0.1, libwinpr-path0.1, libwinpr-sspicli0.1, libwinpr-winsock0.1, libwinpr-interlocked0.1, libwinpr-environment0.1, libwinpr-error0.1, libwinpr-library0.1, libfreerdp-gdi1.1, libwinpr-rpc0.1, libwinpr-sspi0.1, libfreerdp-utils1.1, freerdp, libwinpr-sysinfo0.1, libfreerdp-cache1.1, libfreerdp-primitives1.1, libwinpr-credui0.1, libwinpr-input0.1, libwinpr-thread0.1, libfreerdp-client1.1, libwinpr-credentials0.1, libfreerdp-codec1.1, libwinpr-synch0.1, libwinpr-timezone0.1, libwinpr-crypto0.1, libwinpr-asn1-0.1, libwinpr-pool0.1, libxfreerdp-client1.1, libfreerdp-plugins-standard, freerdp-x11, libfreerdp-dev, libwinpr-winhttp0.1, libfreerdp-crypto1.1, libfreerdp-core1.1

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading