UbuntuUpdates.org

Package "libwinpr2-2"

Name: libwinpr2-2

Description:

Windows Portable Runtime library

Latest version: 2.2.0+dfsg1-0ubuntu0.18.04.4
Release: bionic (18.04)
Level: updates
Repository: main
Head package: freerdp2
Homepage: http://www.freerdp.com/

Links


Download "libwinpr2-2"


Other versions of "libwinpr2-2" in Bionic

Repository Area Version
base main 2.0.0~git20170725.1.1648deb+dfsg1-7
security main 2.2.0+dfsg1-0ubuntu0.18.04.4

Changelog

Version: 2.2.0+dfsg1-0ubuntu0.18.04.4 2022-11-22 19:07:20 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.4) bionic-security; urgency=medium

  * SECURITY UPDATE: out of bounds read via parallel driver
    - debian/patches/CVE-2022-39282.patch: fix length checks in parallel
      driver in channels/parallel/client/parallel_main.c.
    - CVE-2022-39282
  * SECURITY UPDATE: out of bounds read via video channel
    - debian/patches/CVE-2022-39283.patch: fixed missing length check in
      video channel in channels/video/client/video_main.c.
    - CVE-2022-39283
  * SECURITY UPDATE: out of bounds reads in ZGFX decoder component
    - debian/patches/CVE-2022-39316_7.patch: added missing length checks in
      zgfx_decompress_segment in libfreerdp/codec/zgfx.c.
    - CVE-2022-39316
    - CVE-2022-39317
  * SECURITY UPDATE: missing input validation in urbdrc
    - debian/patches/CVE-2022-39318.patch: fixed division by zero in urbdrc
      in channels/urbdrc/client/libusb/libusb_udevice.c.
    - CVE-2022-39318
  * SECURITY UPDATE: missing input length validation in urbdrc
    - debian/patches/CVE-2022-39319-1.patch: fixed missing input buffer
      length check in urbdrc in channels/urbdrc/client/data_transfer.c.
    - debian/patches/CVE-2022-39319-2.patch: added missing length check in
      urb_control_transfer in channels/urbdrc/client/data_transfer.c.
    - CVE-2022-39319
  * SECURITY UPDATE: out of bounds read in usb
    - debian/patches/CVE-2022-39320.patch: ensure urb_create_iocompletion
      uses size_t for calculation in
      channels/urbdrc/client/data_transfer.c.
    - CVE-2022-39320
  * SECURITY UPDATE: missing path canonicalization and base path check
    for drive channel
    - debian/patches/CVE-2022-39347-1.patch: added function _wcsncmp in
      winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-2.patch: fix wcs*cmp and wcs*len checks
      in winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-3.patch: added wcsstr implementation in
      winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-4.patch: fixed path validation in drive
      channel in channels/drive/client/drive_file.c,
      channels/drive/client/drive_file.h,
      channels/drive/client/drive_main.c.
    - CVE-2022-39347

 -- Marc Deslauriers <email address hidden> Mon, 21 Nov 2022 11:20:15 -0500

Source diff to previous version
CVE-2022-39282 FreeRDP is a free remote desktop protocol library and clients. FreeRDP based clients on unix systems using `/parallel` command line switch might read
CVE-2022-39283 FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read unini
CVE-2022-39316 FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRD
CVE-2022-39317 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing a range check for input offset index in ZGFX
CVE-2022-39318 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input validation in `urbdrc` channel. A malic
CVE-2022-39319 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in the `urbdrc` chann
CVE-2022-39320 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP may attempt integer addition on too narrow types leads to
CVE-2022-39347 FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for

Version: 2.2.0+dfsg1-0ubuntu0.18.04.3 2022-06-06 18:06:22 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.3) bionic-security; urgency=medium

  * SECURITY UPDATE: authentication bypass via empty password values
    - debian/patches/CVE-2022-24882.patch: fix return code confusion in
      winpr/libwinpr/sspi/NTLM/ntlm_av_pairs.*,
      winpr/libwinpr/sspi/NTLM/ntlm_compute.*,
      winpr/libwinpr/sspi/NTLM/ntlm_message.c.
    - CVE-2022-24882
  * SECURITY UPDATE: authentication bypass via incorrect SAM file path
    - debian/patches/CVE-2022-24883.patch: clean up ntlm_fetch_ntlm_v2_hash
      in winpr/libwinpr/sspi/NTLM/ntlm_compute.c.
    - CVE-2022-24883

 -- Marc Deslauriers <email address hidden> Mon, 06 Jun 2022 09:23:21 -0400

Source diff to previous version
CVE-2022-24882 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager (NTLM) authentication does not prop
CVE-2022-24883 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP). Prior to version 2.7.0, server side authentication against a `SAM` file might

Version: 2.2.0+dfsg1-0ubuntu0.18.04.2 2021-11-23 17:07:15 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: OOB Write
    - debian/patches/CVE-2021-41159-and-41160.patch: add checks
      in multiple files and added checks for bitmap
      width and heigth values in order to avoid out
      of bounds write in
      libfreerdp/core/gateway/ncacn_http.c,
      libfreerdp/core/gateway/rdg.c,
      libfreerdp/core/gateway/rpc.c,
      libfreerdp/core/gateway/rpc.h,
      libfreerdp/core/gateway/rpc_bind.c,
      libfreerdp/core/gateway/rpc_bind.h,
      libfreerdp/core/gateway/rpc_client.c,
      libfreerdp/core/gateway/rpc_client.h,
      libfreerdp/core/gateway/rpc_fault.c,
      libfreerdp/core/gateway/rts.c,
      libfreerdp/core/gateway/rts.h,
      libfreerdp/core/gateway/rts_signature.c,
      libfreerdp/core/gateway/rts_signature.h,
      libfreerdp/core/gateway/tsg.c,
      libfreerdp/core/orders.c,
      libfreerdp/core/surface.c,
      libfreerdp/core/update.c.
    - CVE-2021-41159
    - CVE-2021-41160

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 08 Nov 2021 16:16:27 -0300

Source diff to previous version
CVE-2021-41159 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1
CVE-2021-41160 FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server mig

Version: 2.2.0+dfsg1-0ubuntu0.18.04.1 2020-09-01 15:06:37 UTC

  freerdp2 (2.2.0+dfsg1-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.2.0 to fix multiple security issues.
    - debian/*symbols: updated for new version.
    - CVE-2020-4030, CVE-2020-4031, CVE-2020-4032, CVE-2020-4033,
      CVE-2020-11095, CVE-2020-11096, CVE-2020-11097, CVE-2020-11098,
      CVE-2020-11099, CVE-2020-15103

 -- Marc Deslauriers <email address hidden> Wed, 26 Aug 2020 08:37:50 -0400

Source diff to previous version
CVE-2020-4030 In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. T
CVE-2020-4031 In FreeRDP before version 2.1.2, there is a use-after-free in gdi_SelectObject. All FreeRDP clients using compatibility mode with /relax-order-checks
CVE-2020-4032 In FreeRDP before version 2.1.2, there is an integer casting vulnerability in update_recv_secondary_order. All clients with +glyph-cache /relax-order
CVE-2020-4033 In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are a
CVE-2020-11095 In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the stati
CVE-2020-11096 In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with
CVE-2020-11097 In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the stati
CVE-2020-11098 In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enable
CVE-2020-11099 In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead
CVE-2020-15103 In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affect

Version: 2.1.1+dfsg1-0ubuntu0.18.04.1 2020-06-01 19:07:26 UTC

  freerdp2 (2.1.1+dfsg1-0ubuntu0.18.04.1) bionic-security; urgency=medium

  * Updated to 2.1.1 to fix multiple security issues.
    - debian/patches/*.patch: removed, no longer needed with new version.
    - debian/patches/1001_spelling-fixes.patch: fix spelling mistake.
    - debian/rules: set WITH_PROXY=OFF for now.
    - debian/control: added libcairo2-dev to Build-Depends.
    - debian/rules: set WITH_CAIRO=ON.
    - debian/control: added libicu-dev to Build-Depends.
    - debian/rules: set WITH_ICU=ON.
    - debian/*symbols: updated for new version.
    - CVE-2019-17177, CVE-2020-11042, CVE-2020-11044, CVE-2020-11045,
      CVE-2020-11046, CVE-2020-11047, CVE-2020-11048, CVE-2020-11049,
      CVE-2020-11058, CVE-2020-11521, CVE-2020-11522, CVE-2020-11523,
      CVE-2020-11524, CVE-2020-11525, CVE-2020-11526, CVE-2020-13396,
      CVE-2020-13397, CVE-2020-13398, CVE-2018-1000852

 -- Marc Deslauriers <email address hidden> Tue, 26 May 2020 13:03:15 -0400

CVE-2019-17177 libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first arg
CVE-2020-11042 In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of
CVE-2020-11044 In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data fro
CVE-2020-11045 In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image b
CVE-2020-11046 In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
CVE-2020-11047 In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up
CVE-2020-11048 In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has be
CVE-2020-11049 In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been pa
CVE-2020-11058 In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in rdp_read_font_capability_set could lead to a later out-of-bounds read. As a res
CVE-2020-11521 libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11522 libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-11523 libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.
CVE-2020-11524 libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
CVE-2020-11525 libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
CVE-2020-11526 libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
CVE-2020-13396 An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/l
CVE-2020-13397 An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/c
CVE-2020-13398 An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/cryp
CVE-2018-1000852 FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/



About   -   Send Feedback to @ubuntu_updates