USN-4382-2: FreeRDP vulnerabilities

26 November 2020

Several security issues were fixed in FreeRDP.

Releases

Packages

  • freerdp - RDP client for Windows Terminal Services

Details

It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04

In general, a standard system update will make all the necessary changes.

Related notices

  • USN-4379-1: libwinpr-tools2-2, libwinpr2-2, libfreerdp-shadow2-2, winpr-utils, freerdp2-wayland, libfreerdp2-2, libuwac0-0, freerdp2-shadow-x11, libfreerdp-client2-2, freerdp2, libfreerdp-shadow-subsystem2-2, libuwac0-dev, libfreerdp-server2-2, freerdp2-x11, libwinpr2-dev, freerdp2-dev
  • USN-4382-1: freerdp, libwinpr-asn1-0.1, libwinpr-io0.1, libfreerdp-plugins-standard, libfreerdp-gdi1.1, libwinpr-utils0.1, libwinpr-dev, libwinpr-library0.1, libfreerdp-core1.1, freerdp-x11, libwinpr-path0.1, libwinpr-winhttp0.1, libfreerdp-crypto1.1, libwinpr-winsock0.1, libfreerdp-locale1.1, libwinpr-registry0.1, libwinpr-crt0.1, libwinpr-bcrypt0.1, libwinpr-heap0.1, libfreerdp-codec1.1, libwinpr-interlocked0.1, libfreerdp-rail1.1, libwinpr-handle0.1, libfreerdp-common1.1.0, libfreerdp-cache1.1, libwinpr-timezone0.1, libwinpr-sspi0.1, libwinpr-rpc0.1, libwinpr-synch0.1, libwinpr-pipe0.1, libfreerdp-client1.1, libwinpr-pool0.1, libwinpr-sspicli0.1, libfreerdp-utils1.1, libxfreerdp-client1.1, libwinpr-crypto0.1, libwinpr-dsparse0.1, libwinpr-error0.1, libwinpr-sysinfo0.1, libwinpr-credentials0.1, libwinpr-credui0.1, libwinpr-input0.1, libfreerdp-primitives1.1, libwinpr-thread0.1, libfreerdp-dev, libwinpr-environment0.1, libwinpr-file0.1