-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 01 Jun 2020 13:08:46 +0200 Source: freerdp2 Architecture: source Version: 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2 Distribution: buster Urgency: medium Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org> Changed-By: Mike Gabriel <sunweaver@debian.org> Closes: 919281 Changes: freerdp2 (2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2) buster; urgency=medium . [ Bernhard Miklautz ] * debian/patches - security releated backports from upstream * Add 0003-Fixed-6007-Boundary-checks-in-rdp_read_flow_control.patch * Add 0004-Fixed-6009-Bounds-checks-in-autodetect_recv_bandwidt.patch * Add 0005-Fixed-6006-bounds-checks-in-update_read_synchronize.patch * Add 0006-Fixed-6005-Bounds-checks-in-update_read_bitmap_data.patch * Add 0007-Fixed-6011-Bounds-check-in-rdp_read_font_capability.patch * Add 0008-Fixed-6013-Check-new-length-is-0.patch * Add 0009-Fix-6010-Check-length-in-read_icon_info.patch * Add 0010-Use-substreams-to-parse-gcc_read_server_data_blocks.patch * Add 0011-Fixed-Stream_-macros-bracing-arguments.patch * Add 0012-Use-safe-seek-for-capability-parsing.patch * Add 0013-Fixed-CVE-2020-11525-Out-of-bounds-read-in-bitmap_ca.patch (CVE-2020-11525). * Add 0014-Fixed-6012-CVE-2020-11526-Out-of-bounds-read-in-upda.patch (CVE-2020-11526). * Add 0015-Fix-CVE-2020-11523-clamp-invalid-rectangles-to-size-.patch (CVE-2020-11523). * Add 0016-Fix-CVE-2020-11524-out-of-bounds-access-in-interleav.patch (CVE-2020-11524). * Add 0017-Fixed-CVE-2020-11522-Limit-number-of-DELTA_RECT-to-4.patch (CVE-2020-11522). * Add 0018-Fixed-CVE-2020-11521-Out-of-bounds-write-in-planar-c.patch (CVE-2020-11521). * Add 0019-Fixed-possible-NULL-access.patch * Add 0020-Check-for-int-overflow-in-gdi_InvalidateRegion.patch . [ Mike Gabriel ] * debian/patches: + Add 0002_fix-channels-smartcard-fix-statusw-call.patch. Fix smartcard login failures. (Closes: #919281). Checksums-Sha1: 0aecc531cd84fbfeec8e8896146020eccce7ca3e 3744 freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2.dsc e16c4cc8b1a7ea31e29338925bf29f3e15c9f18a 50512 freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2.debian.tar.xz ae0fb5fe75cfc8f22ae4fb4a8d09c2a4bdb03d86 15945 freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2_source.buildinfo Checksums-Sha256: ea487af126f5bdcfe0ee8f0bda64c87f41c9f6b346e9d8d724f7ae35dd303125 3744 freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2.dsc 89d7d31cb8c9c0081d5e1ac5c72221ac4dc5bc25bdefa453e2f3f6ec925b9cf3 50512 freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2.debian.tar.xz dc2ab78af7d6d9d0d6e06fb061260991d1d458ba719a9e6e40b27e9c8bce93b6 15945 freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2_source.buildinfo Files: 820beef85c310714ec9b916f7d099952 3744 x11 optional freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2.dsc 3ffd0bc6f6b0c5ce6847c645ab9311e7 50512 x11 optional freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2.debian.tar.xz b67d1f63ad376d8cb26400e385efd2cc 15945 x11 optional freerdp2_2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAl7U4ywVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxajQP/0KZuMaD2VDtaQ0A2FxRfcY9Te+P DLUti4qKYsop83vksAimOyXUyqpIhDoZ83QLq7laq/BXnbHqL0aPxMwngLBthjXS 0UtqXuYcB0bffTh+0kAaOzvL/V/QVpKwfd1tycOSBTUBAZfzb+IQMDVTwMuH8Nso ztkOD2lOnwI5Bj1gbfFoHr3dNsg5aGyJGo66OxQmT+YZ7Y/Jq8MuO9RLpxytR+Rn YydVNb7ncY8v9EBqnhAtodjFyzBnOOKx+s9ZIOxn2z5K+Y4777SYPOOFZTisV1Oc b0tDsAR8xzE5EhIcpUQO4szI015LMDWma3fhOR7MzsP5FwIe2qmwIHqCbmcnevBG e3QDs95FgFo4aYgMkwbxc1nw14yoe4q48TVjq5WiidxpZkn7DQntVg+ls7Cpo0aY wBuiA1h3ayvTHMbnI8JX+Bg+wC6ZvdRVu34qcAhtzhWf4wSn3wyyuOU5qOdxw1fY ibRknZB4jC8oEfmC5l2JWErj6a1VKTnhRKdAHvVJ2bKVe1Q7ugJr4Ae3YW985EQo bzoUVQMjmZ3FUxOwgKIevdqKDHR/dDXXxyd8ptAWugyoNIzRYOXLBUfit+i+KXtA KyFFISscLf+OgF9oKxd6pYn7W++hcRqgycbKywbKq5kfval7o6hXS+zD6zgq962V YK9IQ5D8RoUsrggS =4hyY -----END PGP SIGNATURE-----