[ubuntu/lunar-proposed] freerdp2 2.8.1+dfsg1-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Nov 22 20:42:14 UTC 2022


freerdp2 (2.8.1+dfsg1-1ubuntu1) lunar; urgency=medium

  * SECURITY UPDATE: out of bounds reads in ZGFX decoder component
    - debian/patches/CVE-2022-39316_7.patch: added missing length checks in
      zgfx_decompress_segment in libfreerdp/codec/zgfx.c.
    - CVE-2022-39316
    - CVE-2022-39317
  * SECURITY UPDATE: missing input validation in urbdrc
    - debian/patches/CVE-2022-39318.patch: fixed division by zero in urbdrc
      in channels/urbdrc/client/libusb/libusb_udevice.c.
    - CVE-2022-39318
  * SECURITY UPDATE: missing input length validation in urbdrc
    - debian/patches/CVE-2022-39319-1.patch: fixed missing input buffer
      length check in urbdrc in channels/urbdrc/client/data_transfer.c.
    - debian/patches/CVE-2022-39319-2.patch: added missing length check in
      urb_control_transfer in channels/urbdrc/client/data_transfer.c.
    - CVE-2022-39319
  * SECURITY UPDATE: out of bounds read in usb
    - debian/patches/CVE-2022-39320.patch: ensure urb_create_iocompletion
      uses size_t for calculation in
      channels/urbdrc/client/data_transfer.c.
    - CVE-2022-39320
  * SECURITY UPDATE: missing path canonicalization and base path check
    for drive channel
    - debian/patches/CVE-2022-39347-1.patch: added function _wcsncmp in
      winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-2.patch: fix wcs*cmp and wcs*len checks
      in winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-3.patch: added wcsstr implementation in
      winpr/include/winpr/string.h, winpr/libwinpr/crt/string.c.
    - debian/patches/CVE-2022-39347-4.patch: fixed path validation in drive
      channel in channels/drive/client/drive_file.c,
      channels/drive/client/drive_file.h,
      channels/drive/client/drive_main.c.
    - CVE-2022-39347

Date: Mon, 21 Nov 2022 08:33:23 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/freerdp2/2.8.1+dfsg1-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 21 Nov 2022 08:33:23 -0500
Source: freerdp2
Built-For-Profiles: noudeb
Architecture: source
Version: 2.8.1+dfsg1-1ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Original-Maintainer: Debian Remote Maintainers <debian-remote at lists.debian.org>

