USN-4382-1: FreeRDP vulnerabilities

04 June 2020

Several security issues were fixed in FreeRDP.

Releases

Ubuntu 16.04 LTS

Packages

freerdp - RDP client for Windows Terminal Services

Details

It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04

libfreerdp-client1.1 - 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4
libfreerdp-common1.1.0 - 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4
libfreerdp-core1.1 - 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.4

In general, a standard system update will make all the necessary changes.

References

CVE-2020-11042
CVE-2020-11045
CVE-2020-11046
CVE-2020-11048
CVE-2020-11049
CVE-2020-11058
CVE-2020-11521
CVE-2020-11522
CVE-2020-11523
CVE-2020-11525
CVE-2020-11526
CVE-2020-13396
CVE-2020-13397
CVE-2020-13398

Related notices

USN-4379-1: libfreerdp2-2, freerdp2, libfreerdp-client2-2, libfreerdp-server2-2
USN-4382-2: libfreerdp-common1.1.0, libfreerdp-client1.1, freerdp, libfreerdp-core1.1

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM