[ubuntu/noble-security] freerdp3 3.5.1+dfsg1-0ubuntu1.2 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Mon Feb 16 04:29:14 UTC 2026
freerdp3 (3.5.1+dfsg1-0ubuntu1.2) noble-security; urgency=medium
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2026-23948.patch: fix missing NULL check
- CVE-2026-23948
* SECURITY UPDATE: heap overflow
- debian/patches/CVE-2026-24491-1.patch: reset channel_callback
before close
- debian/patches/CVE-2026-24491-2.patch: check pointer before
reset
- debian/patches/CVE-2026-24675.patch: do not free MsConfig on
failure
- debian/patches/CVE-2026-24679.patch: ensure InterfaceNumber is
within range
- debian/patches/CVE-2026-24682.patch: fix audin_server_recv_formats
cleanup
- CVE-2026-24491
- CVE-2026-24675
- CVE-2026-24679
- CVE-2026-24682
* SECURITY UPDATE: heap use after free
- debian/patches/CVE-2026-24676.patch: reset audin->format
- debian/patches/CVE-2026-24680.patch: reset pointer after memory
release
- debian/patches/CVE-2026-24681.patch: cancel all usb transfers on
channel close
- debian/patches/CVE-2026-24683.patch: lock context when updating
listener
- debian/patches/CVE-2026-24684-1.patch: terminate thread before
free
- debian/patches/CVE-2026-24684-2.patch: only clean up thread
before free
- CVE-2026-24676
- CVE-2026-24680
- CVE-2026-24681
- CVE-2026-24683
- CVE-2026-24684
Date: 2026-02-13 15:33:11.040829+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/freerdp3/3.5.1+dfsg1-0ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list