The bugs corresponding to CVE-2017-2834 CVE-2017-2835 CVE-2017-2836
CVE-2017-2837 CVE-2017-2838 CVE-2017-2839 were recently fixed in the
FreeRDP Git repo:

https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c

The most serious of these bugs allow the remote server (or any server in
between) to execute arbitrary code on your machine.

However, these changes do not apply cleanly to our version of FreeRDP. I
don't have to port these changes back right now.