ubuntu/+source/freerdp:applied/ubuntu/cosmic-updates

Last commit made on 2019-05-28
Get this branch:
git clone -b applied/ubuntu/cosmic-updates https://git.launchpad.net/ubuntu/+source/freerdp
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/cosmic-updates
Repository:
lp:ubuntu/+source/freerdp

Recent commits

3218d04... by Eduardo dos Santos Barretto on 2019-05-27

Import patches-applied version 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1 to applied/ubuntu/cosmic-security

Imported using git-ubuntu import.

Changelog parent: 1a2a875e1354f256cd90b7aaeff5eecdfae8d8d4
Unapplied parent: 77c69d4fdc4ec936b5fa41b5155663e167d53637

New changelog entries:
  * SECURITY UPDATE: Integer truncation in update_read_bitmap_update
    - debian/patches/CVE-2018-8786.patch: Promote count to 32-bit integer
      type to avoid integer truncation in libfreerdp/core/update.c. Based on
      upstream patch.
    - CVE-2018-8786
  * SECURITY UPDATE: Integer overflow in gdi_Bitmap_Decompress
    - debian/patches/CVE-2018-8787.patch: Check for and avoid possible
      integer overflow in libfreerdp/gdi/graphics.c. Based on upstream
      patch.
    - CVE-2018-8787
  * SECURITY UPDATE: Buffer overflow in nsc_rle_decode
    - debian/patches/CVE-2018-8788.patch: Check for lengths and avoid
      possible buffer overflow in libfreerdp/codec/nsc.c and
      libfreerdp/codec/nsc_encode.c. Based on upstream patch.
    - CVE-2018-8788
  * SECURITY UPDATE: Out-of-bounds read in ntlm_read_message_fields_buffer
    - debian/patches/CVE-2018-8789.patch: Ensure to use 64-bit integer
      type when checking offset against stream length in
      winpr/libwinpr/sspi/NTLM/ntlm_message.c. Based on upstream patch.
    - CVE-2018-8789

77c69d4... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8789

Gbp-Pq: CVE-2018-8789.patch.

b26f125... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8788

Gbp-Pq: CVE-2018-8788.patch.

f27c288... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8787

Gbp-Pq: CVE-2018-8787.patch.

101a443... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fixed CVE-2018-8786

Gbp-Pq: CVE-2018-8786.patch.

939c43e... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fix CVE-2014-0791

Gbp-Pq: CVE-2014-0791.patch.

7c8b93f... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH 1/1] enable TLS 1+

Gbp-Pq: 0009-enable-TLS-12.patch.

b4e347d... by Eduardo dos Santos Barretto on 2019-05-27

[PATCH] Fix multiple security issues

Gbp-Pq: 0008-Fix-multiple-security-issues.patch.

fd7b52e... by Eduardo dos Santos Barretto on 2019-05-27

Ensure the _aligned_meminfo pointer itself is sufficiently aligned

Gbp-Pq: 1013_aligned_meminfo_alignment.patch.

1ca9453... by Eduardo dos Santos Barretto on 2019-05-27

Fix spelling of "occurred" in an error msg."

Gbp-Pq: 1012_typo-fix.patch.