The security issue you refer to looks to have been assigned CVE-2022-24882 which was fixed via https://ubuntu.com/security/notices/USN-5461-1 more than a month ago. If there is still a subsequent bug in gnome-remote-desktop / freerdp then you should file a specific bug about that *and* mark it as public so the appropriate Ubuntu developers can see it.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2022-24882 ** Changed in: gnome-remote-desktop (Ubuntu) Status: New => Fix Released ** Package changed: gnome-remote-desktop (Ubuntu) => freerdp2 (Ubuntu) ** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to freerdp2 in Ubuntu. https://bugs.launchpad.net/bugs/1982493 Title: gnome-remote-desktop: Couldn't retrieve RDP username: Credentials not set - and more Status in freerdp2 package in Ubuntu: Fix Released Bug description: An immediate upgrade to 2.7.0 appears to be critical both for functionality (cannot work without it and having the backported NTLM fixes) and security: Please see the following for details: https://askubuntu.com/questions/1419705/gnome-remote-desktop-couldnt-retrieve-rdp-username-credentials-not-set-and The FreeRDP developers believe that Ubuntu has not backported the NTLM fixes from 2.7.0 to 2.6.1 and subsequently the reason for the failures users are experiencing. The easier / more clean path appears to be to upgrade to FreeRDP 2.7.0. It seems to be related to this vulnerability bounty: https://vuldb.com/?id.198528 See: * https://www.freerdp.com/2022/04/25/2_7_0-release * https://github.com/FreeRDP/FreeRDP/blob/2.7.0/ChangeLog To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/freerdp2/+bug/1982493/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
