ubuntu/+source/freerdp:applied/ubuntu/bionic-updates

Last commit made on 2019-05-28
Get this branch:
git clone -b applied/ubuntu/bionic-updates https://git.launchpad.net/ubuntu/+source/freerdp
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/bionic-updates
Repository:
lp:ubuntu/+source/freerdp

Recent commits

35c2753... by Eduardo dos Santos Barretto on 2019-05-27

Import patches-applied version 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.04.1 to applied/ubuntu/bionic-security

Imported using git-ubuntu import.

Changelog parent: 1a2a875e1354f256cd90b7aaeff5eecdfae8d8d4
Unapplied parent: 2212be4e4d16a893ec9d14a2361f7c167515cb6d

New changelog entries:
  * SECURITY UPDATE: Integer truncation in update_read_bitmap_update
    - debian/patches/CVE-2018-8786.patch: Promote count to 32-bit integer
      type to avoid integer truncation in libfreerdp/core/update.c. Based on
      upstream patch.
    - CVE-2018-8786
  * SECURITY UPDATE: Integer overflow in gdi_Bitmap_Decompress
    - debian/patches/CVE-2018-8787.patch: Check for and avoid possible
      integer overflow in libfreerdp/gdi/graphics.c. Based on upstream
      patch.
    - CVE-2018-8787
  * SECURITY UPDATE: Buffer overflow in nsc_rle_decode
    - debian/patches/CVE-2018-8788.patch: Check for lengths and avoid
      possible buffer overflow in libfreerdp/codec/nsc.c and
      libfreerdp/codec/nsc_encode.c. Based on upstream patch.
    - CVE-2018-8788
  * SECURITY UPDATE: Out-of-bounds read in ntlm_read_message_fields_buffer
    - debian/patches/CVE-2018-8789.patch: Ensure to use 64-bit integer
      type when checking offset against stream length in
      winpr/libwinpr/sspi/NTLM/ntlm_message.c. Based on upstream patch.
    - CVE-2018-8789

2212be4... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8789

Gbp-Pq: CVE-2018-8789.patch.

5409a56... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8788

Gbp-Pq: CVE-2018-8788.patch.

1eaa3d5... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8787

Gbp-Pq: CVE-2018-8787.patch.

7132f5c... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8786

Gbp-Pq: CVE-2018-8786.patch.

f1b08a4... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fix CVE-2014-0791

Gbp-Pq: CVE-2014-0791.patch.

3a17383... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH 1/1] enable TLS 1+

Gbp-Pq: 0009-enable-TLS-12.patch.

3d1ac18... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fix multiple security issues

Gbp-Pq: 0008-Fix-multiple-security-issues.patch.

21deea8... by Eduardo dos Santos Barretto on 2019-05-27

Ensure the _aligned_meminfo pointer itself is sufficiently aligned

Gbp-Pq: 1013_aligned_meminfo_alignment.patch.

fe5c8bb... by Eduardo dos Santos Barretto on 2019-05-27

Fix spelling of "occurred" in an error msg."

Gbp-Pq: 1012_typo-fix.patch.