Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits: c2daf96b by Dominik George at 2022-11-04T08:47:34+01:00 Remove freerdp stretch/jessie entries from CVE list - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -83846,7 +83846,6 @@ CVE-2021-41159 (FreeRDP is a free implementation of the Remote Desktop Protocol [bullseye] - freerdp2 <no-dsa> (Minor issue) [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vh34-m9h7-95xq NOTE: https://github.com/FreeRDP/FreeRDP/commit/d39a7ba5c38e3ba3b99b1558dc2ab0970cbfb0c5 (Stable 2.0 backports) NOTE: https://github.com/FreeRDP/FreeRDP/commit/f0b44da67c09488178000725ff9f2729ccfdf9fe @@ -189689,7 +189688,6 @@ CVE-2020-11524 (libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 thro - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2 - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-cgw8-3mp2-p5qw NOTE: https://github.com/FreeRDP/FreeRDP/commit/7b1d4b49391b4512402840431757703a96946820 CVE-2020-11523 (libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 ...) @@ -190618,7 +190616,6 @@ CVE-2020-11099 (In FreeRDP before version 2.1.2, there is an out of bounds read - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-977w-866x-4v5h CVE-2020-11098 (In FreeRDP before version 2.1.2, there is an out-of-bound read in glyp ...) - freerdp2 2.1.2+dfsg1-1 @@ -190630,7 +190627,6 @@ CVE-2020-11097 (In FreeRDP before version 2.1.2, an out of bounds read occurs re - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c8x2-c3c9-9r3f CVE-2020-11096 (In FreeRDP before version 2.1.2, there is a global OOB read in update_ ...) - freerdp2 2.1.2+dfsg1-1 @@ -190670,7 +190666,6 @@ CVE-2020-11087 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-84vj-g73m-chw7 CVE-2020-11086 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read ...) - freerdp2 2.1.1+dfsg1-1 @@ -190682,7 +190677,6 @@ CVE-2020-11085 (In FreeRDP before 2.1.0, there is an out-of-bounds read in clipr - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-2j4w-v45m-95hf CVE-2020-11084 (In iPear, the manual execution of the eval() function can lead to comm ...) NOT-FOR-US: iPear @@ -190807,7 +190801,6 @@ CVE-2020-11049 (In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wwh7-r2r8-xjpr NOTE: Fixed with: https://github.com/FreeRDP/FreeRDP/pull/6019 NOTE: https://github.com/FreeRDP/FreeRDP/issues/6008 @@ -190823,7 +190816,6 @@ CVE-2020-11047 (In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9fw6-m2q8-h5pw NOTE: Fixed by: https://github.com/FreeRDP/FreeRDP/commit/f5e73cc7c9cd973b516a618da877c87b80950b65 NOTE: https://github.com/FreeRDP/FreeRDP/issues/6009 @@ -190854,7 +190846,6 @@ CVE-2020-11043 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5mr4-28w3-rc84 CVE-2020-11042 (In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bound ...) {DLA-2356-1} @@ -190868,25 +190859,21 @@ CVE-2020-11041 (In FreeRDP less than or equal to 2.0.0, an outside controlled ar - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-w67c-26c4-2h9w CVE-2020-11040 (In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data ...) - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x4wq-m7c9-rjgr CVE-2020-11039 (In FreeRDP less than or equal to 2.0.0, when using a manipulated serve ...) - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mx9p-f6q8-mqwq CVE-2020-11038 (In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer ...) - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h25x-cqr6-fp6g CVE-2020-11037 (In Wagtail before versions 2.7.2 and 2.8.2, a potential timing attack ...) NOT-FOR-US: Wagtail @@ -191004,21 +190991,16 @@ CVE-2020-11019 (In FreeRDP less than or equal to 2.0.0, when running with logger - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-wvrr-2f4r-hjvh CVE-2020-11018 (In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion ...) - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) - [jessie] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8cvc-vcw7-6mfw CVE-2020-11017 (In FreeRDP less than or equal to 2.0.0, by providing manipulated input ...) - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) - [jessie] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q5c8-fm29-q57c CVE-2020-11016 (IntelMQ Manager from version 1.1.0 and before version 2.1.1 has a vuln ...) NOT-FOR-US: IntelMQ Manager @@ -208965,13 +208947,11 @@ CVE-2020-4032 (In FreeRDP before version 2.1.2, there is an integer casting vuln - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3898-mc89-x2vc CVE-2020-4031 (In FreeRDP before version 2.1.2, there is a use-after-free in gdi_Sele ...) - freerdp2 2.1.2+dfsg1-1 [buster] - freerdp2 <no-dsa> (Minor issue) - freerdp <removed> - [stretch] - freerdp <no-dsa> (Minor issue) NOTE: https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-gwcq-hpq2-m74g CVE-2020-4030 (In FreeRDP before version 2.1.2, there is an out of bounds read in Tri ...) - freerdp2 2.1.2+dfsg1-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2daf96b18dd23425f8da42590d13a9d6bd86475 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2daf96b18dd23425f8da42590d13a9d6bd86475 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits