GNU bug report logs - #27939
FreeRDP CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839

Previous Next

Package: guix;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Thu, 3 Aug 2017 22:07:01 UTC

Severity: normal

Done: Marius Bakke <mbakke <at> fastmail.com>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: bug-guix <at> gnu.org
Cc: Thomas Danckaert <thomas.danckaert <at> gmail.com>
Subject: FreeRDP CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837
 CVE-2017-2838 CVE-2017-2839
Date: Thu, 3 Aug 2017 18:05:29 -0400

[Message part 1 (text/plain, inline)]

The bugs corresponding to CVE-2017-2834 CVE-2017-2835 CVE-2017-2836
CVE-2017-2837 CVE-2017-2838 CVE-2017-2839 were recently fixed in the
FreeRDP Git repo:

https://github.com/FreeRDP/FreeRDP/commit/03ab68318966c3a22935a02838daaea7b7fbe96c

The most serious of these bugs allow the remote server (or any server in
between) to execute arbitrary code on your machine.

However, these changes do not apply cleanly to our version of FreeRDP. I
don't have to port these changes back right now.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 7 years and 336 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #27939 FreeRDP CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839

GNU bug report logs - #27939
FreeRDP CVE-2017-2834 CVE-2017-2835 CVE-2017-2836 CVE-2017-2837 CVE-2017-2838 CVE-2017-2839