Accepted freerdp2 2.3.0+dfsg1-2+deb10u4 (source) into oldoldstable
- To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
- Subject: Accepted freerdp2 2.3.0+dfsg1-2+deb10u4 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 17 Nov 2023 17:00:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: freerdp2_2.3.0+dfsg1-2+deb10u4_source.changes
- Debian-source: freerdp2
- Debian-suite: oldoldstable
- Debian-version: 2.3.0+dfsg1-2+deb10u4
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=IGgE/o4722oGiTTsuxiJXllQUjCPfZSQWFHYEFZeRPk=; b=X/qZQSBo3UveOYCy2XsXIVF1ee aLPq6S2j9qy40nvtV8SXj8tyqqZuwFp7fqY/v1srLNTf9ZqFWMfMlWkzQGCJ+mcYRzdDi8UKAQ3NW BTJDScvbcsC3zHXS+GTqj4WYWCHVAm/UhIh0gHxBoptyIULOX87ck8+YaOFlKNgINmbsXLVC/JVUv rcNwdRk4rxzSKeQicpXlfGFCBlvSc7LcyRjNnDlCe0/gTeepi73d6NrimH0wvwO80lErWdhWSQKCk L3tKe1zOGGuwj2R9XuO6lxC9v3MjjdplrcbCkTh1sSAXdz06cUoDMyMzG/iEdExur6Y30yd4T5zc5 s9tg6qIg==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1r42Ca-00H02H-FO@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 17 Nov 2023 17:29:31 +0100
Source: freerdp2
Architecture: source
Version: 2.3.0+dfsg1-2+deb10u4
Distribution: buster-security
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Closes: 1001062 1021659
Changes:
freerdp2 (2.3.0+dfsg1-2+deb10u4) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* Import fix for CVE-2021-41160 - Improper region checks in all clients
allow out of bound write to memory (Closes: #1001062)
* Import fix for CVE-2022-24883 - FreeRDP Server authentication might allow
invalid credentials to pass.
* Import fix for (see #1024511)
- CVE-2022-39316 - Out of bound read in zgfx decoder and
- CVE-2022-39318 - Division by zero in urbdrc channel
- CVE-2022-39319 - Missing length validation in urbdrc channel
- CVE-2022-39347 - Missing path sanitation with `drive` channel
- CVE-2022-41877 - Missing input length validation in `drive` channel
* Import fix for CVE-2022-39282 and CVE-2023-39283 (Closes: #1021659)
* Previous upload had a typo in the CVE list: It was CVE 2023-40567 not
CVE 2023-39357; fixing changelog entry.
Checksums-Sha1:
f1676978bcbafd39e39dbf49800d4186a92493d7 3600 freerdp2_2.3.0+dfsg1-2+deb10u4.dsc
15db1727064b78bff6e1eafd7a50458a8a603da9 94240 freerdp2_2.3.0+dfsg1-2+deb10u4.debian.tar.xz
972193273722b5f558e035b1d1cb9bd7bcf710c1 24151 freerdp2_2.3.0+dfsg1-2+deb10u4_amd64.buildinfo
Checksums-Sha256:
6d17df0885e6f4e41979c88756601376dec80d96929268fc9cd7cd3b4f270ac2 3600 freerdp2_2.3.0+dfsg1-2+deb10u4.dsc
8280e9ca0e713ce4982a31f8cb61fa173b634e71bf1e5aee63e19f2d0bb7d316 94240 freerdp2_2.3.0+dfsg1-2+deb10u4.debian.tar.xz
78a5701daf3e6083aa76d3758f448afde0c184d8f30d5e0001bd3b778e3f923d 24151 freerdp2_2.3.0+dfsg1-2+deb10u4_amd64.buildinfo
Files:
a24ea95e9072c0f84456b2ba3a73f5a7 3600 x11 optional freerdp2_2.3.0+dfsg1-2+deb10u4.dsc
b529159dd5d228f5a07f15125e94f101 94240 x11 optional freerdp2_2.3.0+dfsg1-2+deb10u4.debian.tar.xz
0d50b4e8454cbe2a51bd225c5f6d57ad 24151 x11 optional freerdp2_2.3.0+dfsg1-2+deb10u4_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmVXmGYACgkQkWT6HRe9
XTbVsA//dsVCvKh5g4mLwfOGaoDzhQDyNku69duuAvjfr8hcknTMGLp8TVwTIGga
NF18MNd6lgRsBrWYaI0lohMhpMdc6VjzacA3CUKRCRuYnHpk9m3pbGKl4GLHYs7f
84ImPAdok8w1UX1jR46n64dbGEkaQpnfpdrJaM6U78f3cpDa3tr7BjHKqeBKLIBi
PTG+Smv9YZ0P4F3RrnVPcI4bajAR1E0e6r+dHplYKXKZlcVoMV6ObBqTPmgxQd53
yvC7Bf6bF5n/MAKK5E9zp3Q+ogF1LpO4GtcPNJ/C1OUjub7g1u94Bi/7b091DaEP
RBA96dnULnZuDYg5Z6vkKAIhFOdG+b3ZYSXhs6W8KM5LHQNYFsPYzAkiwaVx+LHc
5FbBNAbI/zgRQZTj3dNT9643SR5A+LTjsPlSeFhesMNUuP1rshdYTs0aQjZ86vti
N7nNtmMwv5vNqVFToJFydmN74PXhLcUn3Yc/1GysVx2BQAFDl+/GXyS3IPQN3ojH
70p5Qvtrzmw1WMjdGNcXS6uREifGiq4xuoV/kebgz/F5yjMPmQ+ACJxQ/VWIW9po
sTlowRtUMzCba/dkM6Ce2pPenD8CeiV+aKh2Yho0S6mfT/mz6v7cV3klbjJXIs31
U/hXwqPnOmbsaEExMIPwcSOuOviTss/Xnnn0S6M9e20QbbTw6FE=
=eFhB
-----END PGP SIGNATURE-----