ubuntu/+source/freerdp:applied/ubuntu/xenial-security

Last commit made on 2018-12-12
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/freerdp
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-security
Repository:
lp:ubuntu/+source/freerdp

Recent commits

ab3b690... by Alex Murray on 2018-12-11

Import patches-applied version 1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: a875f3a50be427c43a424818a43675dd863c8fe1
Unapplied parent: feb76591694b41210daf2360716b016891b5ccf1

New changelog entries:
  * SECURITY UPDATE: Integer truncation in update_read_bitmap_update
    - debian/patches/CVE-2018-8786.patch: Promote count to 32-bit integer
      type to avoid integer truncation in libfreerdp/core/update.c. Based on
      upstream patch.
    - CVE-2018-8786
  * SECURITY UPDATE: Integer overflow in gdi_Bitmap_Decompress
    - debian/patches/CVE-2018-8787.patch: Check for and avoid possible
      integer overflow in libfreerdp/gdi/graphics.c. Based on upstream
      patch.
    - CVE-2018-8787
  * SECURITY UPDATE: Buffer overflow in nsc_rle_decode
    - debian/patches/CVE-2018-8788.patch: Check for lengths and avoid
      possible buffer overflow in libfreerdp/codec/nsc.c and
      libfreerdp/codec/nsc_encode.c. Based on upstream patch.
    - CVE-2018-8788
  * SECURITY UPDATE: Out-of-bounds read in ntlm_read_message_fields_buffer
    - debian/patches/CVE-2018-8789.patch: Ensure to use 64-bit integer
      type when checking offset against stream length in
      winpr/libwinpr/sspi/NTLM/ntlm_message.c. Based on upstream patch.
    - CVE-2018-8789

feb7659... by Alex Murray on 2018-12-11

[PATCH] Fixed CVE-2018-8788

Gbp-Pq: CVE-2018-8788.patch.

29958dd... by Alex Murray on 2018-12-11

[PATCH] Fixed CVE-2018-8787

Gbp-Pq: CVE-2018-8787.patch.

41d370c... by Alex Murray on 2018-12-11

[PATCH] Fixed CVE-2018-8786

Gbp-Pq: CVE-2018-8786.patch.

ab45619... by Alex Murray on 2018-12-11

[PATCH] Fixed CVE-2018-8789

Gbp-Pq: CVE-2018-8789.patch.

1999712... by Alex Murray on 2018-12-11

Ensure the _aligned_meminfo pointer itself is sufficiently aligned

Gbp-Pq: alignment_test_failure.patch.

e09274d... by Alex Murray on 2018-12-11

[PATCH] Fix multiple security issues

Gbp-Pq: CVE-2017-283x.patch.

6f93d51... by Alex Murray on 2018-12-11

[PATCH] Fix CVE-2014-0791

Gbp-Pq: CVE-2014-0791.patch.

4add0c8... by Alex Murray on 2018-12-11

[PATCH] build: cmake 3.1 compatibility

Gbp-Pq: 0004_build-cmake-3.1-compatibility.patch.

c439538... by Alex Murray on 2018-12-11

[PATCH] core/glyph: copy data when adding glyph to cache

Gbp-Pq: 0003_copy-data-when-adding-glyph-to-cache.patch.