942da943f3
Fixes the following security issues: - CVE-2018-8785: FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. - CVE-2018-8786: FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. - CVE-2018-8787: FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. - CVE-2018-8788: FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. - CVE-2018-8789: FreeRDP prior to version 2.0.0-rc4 contains several Out-Of-Bounds Reads in the NTLM Authentication module that results in a Denial of Service (segfault). For details, see the upstream PR: https://github.com/FreeRDP/FreeRDP/pull/5031 Add support to set tls security level (for openssl >= 1.1.0), for RDP protocol version 10 (needed for windows 10 and windows server 2016). Also have some fix and features, seee21b72c95fSigned-off-by: Alexey Lukyanchuk <skif@skif-web.ru> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit1e91d89bf1) [Peter: mention security fixes] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
4 lines
198 B
Plaintext
4 lines
198 B
Plaintext
# Locally calculated
|
|
sha256 3406f3bfab63f81c1533029a5bf73949ff60f22f6e155c5a08005b8b8afe6d49 freerdp-2.0.0-rc4.tar.gz
|
|
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 LICENSE
|