NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c05d10e8c1
kumquat-buildroot/package/freerdp/freerdp.hash
Fabrice Fontaine ecaca2d01e package/freerdp: security bump to version 2.7.0 
Fix CVE-2022-24882: FreeRDP is a free implementation of the Remote
Desktop Protocol (RDP). In versions prior to 2.7.0, NT LAN Manager
(NTLM) authentication does not properly abort when someone provides and
empty password value. This issue affects FreeRDP based RDP Server
implementations. RDP clients are not affected. The vulnerability is
patched in FreeRDP 2.7.0. There are currently no known workarounds.

Fix CVE-2022-24883: FreeRDP is a free implementation of the Remote
Desktop Protocol (RDP). Prior to version 2.7.0, server side
authentication against a `SAM` file might be successful for invalid
credentials if the server has configured an invalid `SAM` file path.
FreeRDP based clients are not affected. RDP server implementations using
FreeRDP to authenticate against a `SAM` file are affected. Version 2.7.0
contains a fix for this issue. As a workaround, use custom
authentication via `HashCallback` and/or ensure the `SAM` database path
configured is valid and the application has file handles left.

https://github.com/FreeRDP/FreeRDP/releases/tag/2.7.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-05-14 22:56:59 +02:00

6 lines
267 B
Plaintext
Raw Blame History

# From https://pub.freerdp.com/releases/freerdp-2.7.0.tar.gz.sha256
sha256 89000728b6e66ac37db018d6dc5f0981b530fd550ab748877ff42892dd0c166b freerdp-2.7.0.tar.gz
# Locally calculated
sha256 cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30 LICENSE
Reference in New Issue View Git Blame Copy Permalink