ALSA-2026:6005

[ALSA-2026:6005] Important: freerdp security update

Type:

security

Severity:

important

Release date:

2026-04-02

Description:

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.  

Security Fix(es):  

  * freerdp: FreeRDP: Arbitrary code execution via heap out-of-bounds write in RLE planar decode path (CVE-2026-26965)
  * freerdp: FreeRDP: Arbitrary code execution via heap buffer overflow in GDI surface pipeline (CVE-2026-26955)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	freerdp-devel-2.11.7-4.el8_10.aarch64.rpm	26910bd725d4e6567146c583382f912f574646fb633161cc921d7a9f636d8b81
aarch64	freerdp-libs-2.11.7-4.el8_10.aarch64.rpm	469d76fcd1e28e387c33392db6bf55977204856c1a85f9947f9408cb25f0b008
aarch64	libwinpr-devel-2.11.7-4.el8_10.aarch64.rpm	867fd0dfe92a9a2a57c4b14b6b2bdf0991dadb5bd1432421a0629ccbebc03244
aarch64	freerdp-2.11.7-4.el8_10.aarch64.rpm	ced8a2ad4b155ba612e3f1b20402dd64823cd2c4d8c04e38c74881d89c2cffbf
aarch64	libwinpr-2.11.7-4.el8_10.aarch64.rpm	eb211ab183deafb10da0810589fa44c49599c7925c21e2d9ea72923aca71aa90
i686	libwinpr-2.11.7-4.el8_10.i686.rpm	3e8bd74782945f6f22afd2c279ad148395eb425d011b95dcae89bf5d3bf887ea
i686	freerdp-devel-2.11.7-4.el8_10.i686.rpm	92d5ab75e933dac10de6354a2e6fd7fd6963712b2029441b174e0dcca574c899
i686	libwinpr-devel-2.11.7-4.el8_10.i686.rpm	9b459c0697315b00c946f3843545e0e0932b0b6d9aaad66f95b90b9beba3dde5
i686	freerdp-libs-2.11.7-4.el8_10.i686.rpm	f7ccfd5a31bf92c18b564c4cb9fe22d4bf8b3222f87ff08b309817f5e0355be7
ppc64le	freerdp-libs-2.11.7-4.el8_10.ppc64le.rpm	2fd56e32eea24d0b7f4338d373d4a64bbbdd12abf2b1be41d3b909bdb7062878
ppc64le	libwinpr-2.11.7-4.el8_10.ppc64le.rpm	4b5cf9ff48dd85bf949c24628df63ce01684199eb65f30f74cbda69c8ad7ff0d
ppc64le	freerdp-devel-2.11.7-4.el8_10.ppc64le.rpm	d012f4fb7aa2811d96f1fff8bea16a9ae230d85acea1dbf73cf880cb2455fadc
ppc64le	libwinpr-devel-2.11.7-4.el8_10.ppc64le.rpm	d937148ab7110cc3375e5b30e288e805f824a9eec9fe72b373256f7257ff0535
ppc64le	freerdp-2.11.7-4.el8_10.ppc64le.rpm	ff377fef29cbe63e7625158e0ca88c503a87db477d0e3c486cd0d0aa88b1625c
s390x	libwinpr-2.11.7-4.el8_10.s390x.rpm	54cee13fbadafe2d81d60caad0958bc2c0064c5bf158fcef47e81120b5b9e254
s390x	freerdp-libs-2.11.7-4.el8_10.s390x.rpm	668c5386eecbc3d7e5d618289de2279b67bd1da73755b202e056e402c7f86430
s390x	libwinpr-devel-2.11.7-4.el8_10.s390x.rpm	bf7e724937176717d65d1910b18a84d7a62981f9384f848186a61f2e1c92a6a3
s390x	freerdp-devel-2.11.7-4.el8_10.s390x.rpm	d74eab88b5e3696bbcc3fc19c11733979f0139ab940ce556ee07a78fa8335e71
s390x	freerdp-2.11.7-4.el8_10.s390x.rpm	ed4172d4038360ffd4ed2b2a4246523c714f07dcdbcbfb205fce63351a24b88e
x86_64	libwinpr-devel-2.11.7-4.el8_10.x86_64.rpm	556b611eefbc8e7981a3587fb2e74643be5f577c5f3c9104a39bc826599d1642
x86_64	libwinpr-2.11.7-4.el8_10.x86_64.rpm	abf0a7bd8c617073d8458a98d412583abd8703cd7a7f4cc2ca5c8e2be8fd8ca2
x86_64	freerdp-devel-2.11.7-4.el8_10.x86_64.rpm	b02dc48d3e05de4ee497c8120dc6829e3cafcd3296af11033beeccd954da1108
x86_64	freerdp-2.11.7-4.el8_10.x86_64.rpm	bdfb0eabb7759e42219c5188e203df00f8f07d768c9b3287c9b36b7fd7766f38
x86_64	freerdp-libs-2.11.7-4.el8_10.x86_64.rpm	ffd2f9d8f3e0f76936d54f68294a5861770500cb6289296836bc5aec987615e4

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.