ALSA-2021:4622

[ALSA-2021:4622] Important: freerdp security update

Type:

security

Severity:

important

Release date:

2021-11-12

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

Security Fix(es):

* freerdp: improper client input validation for gateway connections allows to overwrite memory (CVE-2021-41159)

* freerdp: improper region checks in all clients allow out of bound write to memory (CVE-2021-41160)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libwinpr-2.2.0-7.el8_5.aarch64.rpm	0eff093a7a01c558af9544caa3c1a2e059b375004c80249fbabe70bfeef17f1a
aarch64	libwinpr-devel-2.2.0-7.el8_5.aarch64.rpm	438be48577bea29d7273f71a818011d4d1c2f324fecfd2e5ac2769c27d6a92f2
aarch64	freerdp-2.2.0-7.el8_5.aarch64.rpm	76dfe092d38dd88c8d664ae39b87593a39bab1402b424dcc697ed3abbae541de
aarch64	freerdp-devel-2.2.0-7.el8_5.aarch64.rpm	7f991786b1f7d0a8bf81b5bec4a3e93ceaf7f8135ea357df0c67dc3a3a222d27
aarch64	freerdp-libs-2.2.0-7.el8_5.aarch64.rpm	de4dbe74e2c79c989932817c841f839163b208353805fc1e67e326eb601ddb84
i686	freerdp-libs-2.2.0-7.el8_5.i686.rpm	46120c5c013ad8d7e919dfb7c6536bdf5cf5db73712f3d323cbbfb786b897fc8
i686	libwinpr-2.2.0-7.el8_5.i686.rpm	5fb4a2d00feb73a3077430ec4806bd0dce531d0e053efa0cc33226a9ae53a304
i686	libwinpr-devel-2.2.0-7.el8_5.i686.rpm	b1a27a94f4a63fd762dc8c2623779ee5fa6e247ebd2d4ec5043ca0b0f9ed4216
i686	freerdp-devel-2.2.0-7.el8_5.i686.rpm	f2c28edf5d619de42b02a53ec3f35ae0c95e36575c5aafb498ee9e2c408f58c2
ppc64le	freerdp-2.2.0-7.el8_5.ppc64le.rpm	59175161ca8e04f6ab15c579fe814a409b5e9945a0359d7070a57263088ff5d5
ppc64le	libwinpr-devel-2.2.0-7.el8_5.ppc64le.rpm	5bb4a3886beffd416fc3530a8820275094d8ba6e206c237b60314bf3e9919879
ppc64le	libwinpr-2.2.0-7.el8_5.ppc64le.rpm	8c5c6a1c503b4ba8c6980b9d7f8c5b479728846cc312c0cf6401c7f47e8e6c35
ppc64le	freerdp-libs-2.2.0-7.el8_5.ppc64le.rpm	aaa3ff2843e534d0d4610c8675b9ee23e05f492abd48a489799c3bb0d6c9ffa5
ppc64le	freerdp-devel-2.2.0-7.el8_5.ppc64le.rpm	b3d61f58489679b76e852b242f70cc976e745db8e3bca3ed15f0c30c17ddcdfc
x86_64	freerdp-2.2.0-7.el8_5.x86_64.rpm	5f0fdcf50e7a70a04a35b5d2b9597a5519fd05dbf8e26973e53f23e2e7ef5bf8
x86_64	libwinpr-2.2.0-7.el8_5.x86_64.rpm	6ba56d34eea299b121e598eab88e9bd996ae61393c3688ba5eca50d0cda5e869
x86_64	freerdp-devel-2.2.0-7.el8_5.x86_64.rpm	8413776082dddc3aab91013729f8f429c79d095549031fbc2a4afff2c0388ac8
x86_64	freerdp-libs-2.2.0-7.el8_5.x86_64.rpm	a21483128feaddcc09e967fddb583c3c26381f9f3b19514f7d29a1edf6c69730
x86_64	libwinpr-devel-2.2.0-7.el8_5.x86_64.rpm	bd5616a5e49f68779d28f7ceac3cc8aa2e60d70240f30ae4a4ae9dead8620604

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.