[Git][security-tracker-team/security-tracker][master] CVE-2022-39282 and CVE-2022-39283 (freerdp2) - link to likely patch

Sun, 12 Nov 2023 03:48:27 -0800 


Tobias Frost pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
818ee323 by Tobias Frost at 2023-11-12T12:47:57+01:00
CVE-2022-39282 and CVE-2022-39283 (freerdp2) - link to likely patch

Note: It has not been confirmed if this is the correct patch, but comparing 
2.8.0 and 2.8.1 identifies this commit
as the very likely patch.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -83283,11 +83283,13 @@ CVE-2022-39283 (FreeRDP is a free remote desktop 
protocol library and clients. A
        [bullseye] - freerdp2 <no-dsa> (Minor issue)
        [buster] - freerdp2 <no-dsa> (Minor issue)
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6cf9-3328-qrvh
+       NOTE: patch likely: 
https://github.com/FreeRDP/FreeRDP/commit/be793c3bb776c1bbda9156b427408d5a5eb00f70
 (not confirmed by upstream)
 CVE-2022-39282 (FreeRDP is a free remote desktop protocol library and clients. 
FreeRDP ...)
        - freerdp2 2.8.1+dfsg1-1 (bug #1021659)
        [bullseye] - freerdp2 <no-dsa> (Minor issue)
        [buster] - freerdp2 <no-dsa> (Minor issue)
        NOTE: 
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c45q-wcpg-mxjq
+       NOTE: patch likely: 
https://github.com/FreeRDP/FreeRDP/commit/60aac2abf0740dd36b62712fba91498fd6e055fe
 (not confirmed by upstream)
 CVE-2022-39281 (fat_free_crm is a an open source, Ruby on Rails customer 
relationship  ...)
        NOT-FOR-US: fat_free_crm
 CVE-2022-39280 (dparse is a parser for Python dependency files. dparse in 
versions bef ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818ee3236b99ff1208e491111754ca1793ea72a8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/818ee3236b99ff1208e491111754ca1793ea72a8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to