==========================================================================
Ubuntu Security Notice USN-4481-1
September 01, 2020
freerdp2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in FreeRDP.
Software Description:
– freerdp2: RDP client for Windows Terminal Services
Details:
It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
libfreerdp-client2-2 2.2.0+dfsg1-0ubuntu0.20.04.1
libfreerdp-server2-2 2.2.0+dfsg1-0ubuntu0.20.04.1
libfreerdp2-2 2.2.0+dfsg1-0ubuntu0.20.04.1
Ubuntu 18.04 LTS:
libfreerdp-client2-2 2.2.0+dfsg1-0ubuntu0.18.04.1
libfreerdp-server2-2 2.2.0+dfsg1-0ubuntu0.18.04.1
libfreerdp2-2 2.2.0+dfsg1-0ubuntu0.18.04.1
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/4481-1
CVE-2020-11095, CVE-2020-11096, CVE-2020-11097, CVE-2020-11098,
CVE-2020-11099, CVE-2020-15103, CVE-2020-4030, CVE-2020-4031,
CVE-2020-4032, CVE-2020-4033
Package Information:
https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.20.04.1
https://launchpad.net/ubuntu/+source/freerdp2/2.2.0+dfsg1-0ubuntu0.18.04.1
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl9OWroACgkQZWnYVadE
vpOe3Q/+NaKc5xPlRoXLgBSnESzZYgDFuHQZJMe27dZXhJiACi/P2ZCFp2dopZc5
3dRyYvbMo3oGvdCrWv1lr4/2tLfSxn4BiVWEhmydwOaytsjdg7oTX4z3T8sh+wLR
7zyQJ9WgHDK4pAvV32736Krp9G/bPfRzqXstxTFUy8a6b6wt2ZkM2SvvqLjlIAQd
Q3lLji0beGYbFrPgxNltSwLTcfzFoLgeDZWo3H7XwgcTZffEbu+iUcKvBBqHTm9d
2aj/w06ea6cKxA/NWHpwGVL8YULXGHdXVpfrCD8tyYqLfm86dyGLi7Vp0MEumPa5
YlC1fTV+vzAImut3ofqRMizCCkTj9xaiQExN74cpd8dvkgs4J7TIu+fOnnztehCT
AGktijKvrFOC+M8J/Yk43Cb5savivAB74/U5VFtF4f4tNtlg0VZfYPUYNWh5yUb1
Yaa4KBRJbJGJ67D1Zis2k5SvGZjIJeQf0noX0SaKaowxq/4PB4anrrocrVnvn+fI
1JhkM7aKd/Q6x4f6p+o2hILeSSGC8p39iUXV9Edn7e9yJOfyuuyxtul+/ozg7K8m
Pbs6GjtsUNWXaMjOoglRGgG2gq/HHpHR3eJ2F1q3/Qu/JgJy8nn5/BYx7pN8LIHW
EfsSu8EEnDKg3eeE7P8a+LiAw4ZV87CvGzwx89tMlTum+gpfPnw=
=n4+Z
—–END PGP SIGNATURE—–
—