| Errata ID | 601 |
|---|---|
| Date | 2019-02-27 |
| Source package | freerdp |
| Fixed in version | 1.1.0~git20140921.1.440916e+dfsg1-13~deb8u3 |
| Description | This update addresses the following issues: * Backport recent stretch update (+deb9u3) of FreeRDP v1.1 to Debian jessie LTS. * Integer truncation leading to heap-based buffer overflow in update_read_bitmap_update() function (CVE-2018-8786) * Integer overflow leading to heap-based buffer overflow in gdi_Bitmap_Decompress() function (CVE-2018-8787) * Out-of-bounds write in nsc_rle_decode() function (CVE-2018-8788) * Several out-of-bounds reads in NTLM authentication module resulting in a denial of service (CVE-2018-8789) |
| Additional notes | |
| CVE ID | CVE-2018-8786 CVE-2018-8787 CVE-2018-8788 CVE-2018-8789 |
| UCS Bug number | #48768 |
