SUSE-SU-2017:2234-1

CVE-2017-2834: Out-of-bounds write in license_recv() (bsc#1050714)
CVE-2017-2835: Out-of-bounds write in rdprecvtpkt_pdu (bsc#1050712)
CVE-2017-2836: Rdp Client Read Server Proprietary Certificate Denial of Service (bsc#1050699)
CVE-2017-2837: Client GCC Read Server Security Data DoS (bsc#1050704)
CVE-2017-2838: Client License Read Product Info Denial of Service Vulnerability (bsc#1050708)
CVE-2017-2839: Client License Read Challenge Packet Denial of Service (bsc#1050711)

References

Affected packages

SUSE:Linux Enterprise Desktop 12 SP2

freerdp

Package

Name: freerdp
Purl: pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0~git.1463131968.4e66df7-12.3.2

Ecosystem specific

{
    "binaries": [
        {
            "libfreerdp2": "2.0.0~git.1463131968.4e66df7-12.3.2",
            "freerdp": "2.0.0~git.1463131968.4e66df7-12.3.2"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2234-1.json"

SUSE:Linux Enterprise Desktop 12 SP3

freerdp

Package

Name: freerdp
Purl: pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0~git.1463131968.4e66df7-12.3.2

Ecosystem specific

{
    "binaries": [
        {
            "libfreerdp2": "2.0.0~git.1463131968.4e66df7-12.3.2",
            "freerdp": "2.0.0~git.1463131968.4e66df7-12.3.2"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2234-1.json"

SUSE:Linux Enterprise Software Development Kit 12 SP2

freerdp

Package

Name: freerdp
Purl: pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0~git.1463131968.4e66df7-12.3.2

Ecosystem specific

{
    "binaries": [
        {
            "freerdp-devel": "2.0.0~git.1463131968.4e66df7-12.3.2",
            "libfreerdp2": "2.0.0~git.1463131968.4e66df7-12.3.2"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2234-1.json"

SUSE:Linux Enterprise Software Development Kit 12 SP3

freerdp

Package

Name: freerdp
Purl: pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0~git.1463131968.4e66df7-12.3.2

Ecosystem specific

{
    "binaries": [
        {
            "freerdp-devel": "2.0.0~git.1463131968.4e66df7-12.3.2",
            "libfreerdp2": "2.0.0~git.1463131968.4e66df7-12.3.2"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2234-1.json"

SUSE:Linux Enterprise Workstation Extension 12 SP2

freerdp

Package

Name: freerdp
Purl: pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0~git.1463131968.4e66df7-12.3.2

Ecosystem specific

{
    "binaries": [
        {
            "libfreerdp2": "2.0.0~git.1463131968.4e66df7-12.3.2",
            "freerdp": "2.0.0~git.1463131968.4e66df7-12.3.2"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2234-1.json"

SUSE:Linux Enterprise Workstation Extension 12 SP3

freerdp

Package

Name: freerdp
Purl: pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.0.0~git.1463131968.4e66df7-12.3.2

Ecosystem specific

{
    "binaries": [
        {
            "libfreerdp2": "2.0.0~git.1463131968.4e66df7-12.3.2",
            "freerdp": "2.0.0~git.1463131968.4e66df7-12.3.2"
        }
    ]
}

Database specific

source

"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2017:2234-1.json"