Oval Definition:oval:org.opensuse.security:def:53809
Revision Date:2020-12-01Version:1
Title:Security update for freerdp (Important)
Description:

This update for freerdp to version 2.0.0~rc4 fixes the following issues:

Security issues fixed:

- CVE-2018-0886: Fix a remote code execution vulnerability (CredSSP) (bsc#1085416, bsc#1087240, bsc#1104918) - CVE-2018-8789: Fix several denial of service vulnerabilities in the in the NTLM Authentication module (bsc#1117965) - CVE-2018-8785: Fix a potential remote code execution vulnerability in the zgfx_decompress function (bsc#1117967) - CVE-2018-8786: Fix a potential remote code execution vulnerability in the update_read_bitmap_update function (bsc#1117966) - CVE-2018-8787: Fix a potential remote code execution vulnerability in the gdi_Bitmap_Decompress function (bsc#1117964) - CVE-2018-8788: Fix a potential remote code execution vulnerability in the nsc_rle_decode function (bsc#1117963) - CVE-2018-8784: Fix a potential remote code execution vulnerability in the zgfx_decompress_segment function (bsc#1116708) - CVE-2018-1000852: Fixed a remote memory access in the drdynvc_process_capability_request function (bsc#1120507)

Other issues:

- Upgraded to version 2.0.0-rc4 (FATE#326739) - Security and stability improvements, including bsc#1103557 and bsc#1112028 - gateway: multiple fixes and improvements - client/X11: support for rail (remote app) icons was added - The licensing code was re-worked: Per-device licenses are now saved on the client and used on re-connect: WARNING: this is a change in FreeRDP behavior regarding licensing. If the old behavior is required, or no licenses should be saved use the new command line option +old-license (gh#/FreeRDP/FreeRDP#4979) - Improved order handling - only orders that were enable during capability exchange are accepted. WARNING and NOTE: some servers do improperly send orders that weren't negotiated, for such cases the new command line option /relax-order-checks was added to disable the strict order checking. If connecting to xrdp the options /relax-order-checks *and* +glyph-cache are required. (gh#/FreeRDP/FreeRDP#4926) - Fixed automount issues - Fixed several audio and microphone related issues - Fixed X11 Right-Ctrl ungrab feature - Fixed race condition in rdpsnd channel server. - Disabled SSE2 for ARM and powerpc
Family:unixClass:patch
Status:Reference(s):1007829
1012102
1012103
1012104
1013653
1013655
1013663
1024041
1024047
1024076
1024079
1073313
1085416
1087240
1091610
1103557
1104918
1112028
1112852
1116708
1117267
1117963
1117964
1117965
1117966
1117967
1120507
1178682
828003
910252
910253
938248
965748
967671
CVE-2006-4484
CVE-2011-1526
CVE-2011-4862
CVE-2012-0037
CVE-2013-2131
CVE-2014-8116
CVE-2014-8117
CVE-2014-9474
CVE-2015-2590
CVE-2015-2596
CVE-2015-2597
CVE-2015-2601
CVE-2015-2613
CVE-2015-2619
CVE-2015-2621
CVE-2015-2625
CVE-2015-2627
CVE-2015-2628
CVE-2015-2632
CVE-2015-2637
CVE-2015-2638
CVE-2015-2664
CVE-2015-2808
CVE-2015-4000
CVE-2015-4729
CVE-2015-4731
CVE-2015-4732
CVE-2015-4733
CVE-2015-4736
CVE-2015-4748
CVE-2015-4749
CVE-2015-4760
CVE-2016-8864
CVE-2016-9634
CVE-2016-9635
CVE-2016-9636
CVE-2016-9807
CVE-2016-9808
CVE-2016-9810
CVE-2017-17740
CVE-2017-5837
CVE-2017-5839
CVE-2017-5842
CVE-2017-5844
CVE-2018-0886
CVE-2018-1000852
CVE-2018-1115
CVE-2018-12389
CVE-2018-12390
CVE-2018-12392
CVE-2018-12393
CVE-2018-12395
CVE-2018-12396
CVE-2018-12397
CVE-2018-19519
CVE-2018-8784
CVE-2018-8785
CVE-2018-8786
CVE-2018-8787
CVE-2018-8788
CVE-2018-8789
CVE-2020-25708
SUSE-SU-2015:1319-1
SUSE-SU-2016:2697-1
SUSE-SU-2017:0103-1
SUSE-SU-2017:0210-1
SUSE-SU-2017:1039-1
SUSE-SU-2018:1695-1
SUSE-SU-2018:3749-1
SUSE-SU-2018:4149-1
SUSE-SU-2018:4150-1
SUSE-SU-2019:0539-1
SUSE-SU-2020:3515-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • cron-4.2-lp150.2 is installed
  • OR cronie-1.5.1-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND ledger-3.1.3-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-10.0.9-0.3 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.7 is installed
  • OR MozillaFirefox-translations-10.0.9-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND icedtea-web-1.4.2-0.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND cabextract-1.2-2.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • file-5.19-9 is installed
  • OR file-magic-5.19-9 is installed
  • OR libmagic1-5.19-9 is installed
  • OR libmagic1-32bit-5.19-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • bind-9.9.9P1-49 is installed
  • OR bind-libs-9.9.9P1-49 is installed
  • OR bind-libs-32bit-9.9.9P1-49 is installed
  • OR bind-utils-9.9.9P1-49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gstreamer-0_10-plugins-good-0.10.31-16 is installed
  • OR gstreamer-0_10-plugins-good-lang-0.10.31-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libecpg6-9.6.9-3.19 is installed
  • OR libpq5-9.6.9-3.19 is installed
  • OR libpq5-32bit-9.6.9-3.19 is installed
  • OR postgresql96-9.6.9-3.19 is installed
  • OR postgresql96-libs-9.6.9-3.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND krb5-appl-clients-1.0.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • cpio-2.11-29 is installed
  • OR cpio-lang-2.11-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • evince-3.10.3-2.3 is installed
  • OR evince-lang-3.10.3-2.3 is installed
  • OR libevdocument3-4-3.10.3-2.3 is installed
  • OR libevview3-3-3.10.3-2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libdmx1-1.1.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • postgresql94-9.4.24-21.25 is installed
  • OR postgresql94-contrib-9.4.24-21.25 is installed
  • OR postgresql94-docs-9.4.24-21.25 is installed
  • OR postgresql94-plperl-9.4.24-21.25 is installed
  • OR postgresql94-plpython-9.4.24-21.25 is installed
  • OR postgresql94-pltcl-9.4.24-21.25 is installed
  • OR postgresql94-server-9.4.24-21.25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed
  • OR openssl-1.0.2j-60.39 is installed
  • OR openssl-doc-1.0.2j-60.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • augeas-1.2.0-15 is installed
  • OR augeas-lenses-1.2.0-15 is installed
  • OR libaugeas0-1.2.0-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • LibVNCServer-0.9.9-17.19 is installed
  • OR libvncclient0-0.9.9-17.19 is installed
  • OR libvncserver0-0.9.9-17.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libXvnc1-1.6.0-18.28 is installed
  • OR tigervnc-1.6.0-18.28 is installed
  • OR xorg-x11-Xvnc-1.6.0-18.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • rsyslog-8.24.0-3.7 is installed
  • OR rsyslog-diag-tools-8.24.0-3.7 is installed
  • OR rsyslog-doc-8.24.0-3.7 is installed
  • OR rsyslog-module-gssapi-8.24.0-3.7 is installed
  • OR rsyslog-module-gtls-8.24.0-3.7 is installed
  • OR rsyslog-module-mysql-8.24.0-3.7 is installed
  • OR rsyslog-module-pgsql-8.24.0-3.7 is installed
  • OR rsyslog-module-relp-8.24.0-3.7 is installed
  • OR rsyslog-module-snmp-8.24.0-3.7 is installed
  • OR rsyslog-module-udpspoof-8.24.0-3.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bind-9.11.2-1 is installed
  • OR bind-chrootenv-9.11.2-1 is installed
  • OR bind-doc-9.11.2-1 is installed
  • OR bind-utils-9.11.2-1 is installed
  • OR libbind9-160-9.11.2-1 is installed
  • OR libdns169-9.11.2-1 is installed
  • OR libirs160-9.11.2-1 is installed
  • OR libisc166-9.11.2-1 is installed
  • OR libisc166-32bit-9.11.2-1 is installed
  • OR libisccc160-9.11.2-1 is installed
  • OR libisccfg160-9.11.2-1 is installed
  • OR liblwres160-9.11.2-1 is installed
  • OR python-bind-9.11.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • freerdp-2.0.0~rc4-3.3 is installed
  • OR freerdp-devel-2.0.0~rc4-3.3 is installed
  • OR libfreerdp2-2.0.0~rc4-3.3 is installed
  • OR libwinpr2-2.0.0~rc4-3.3 is installed
  • OR winpr2-devel-2.0.0~rc4-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • LibVNCServer-0.9.10-4.25 is installed
  • OR libvncclient0-0.9.10-4.25 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-swift-2.1.0-4 is installed
  • OR openstack-swift-account-2.1.0-4 is installed
  • OR openstack-swift-container-2.1.0-4 is installed
  • OR openstack-swift-object-2.1.0-4 is installed
  • OR openstack-swift-proxy-2.1.0-4 is installed
  • OR python-swift-2.1.0-4 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • gnutls-3.2.15-18.6 is installed
  • OR libgnutls-openssl27-3.2.15-18.6 is installed
  • OR libgnutls28-3.2.15-18.6 is installed
  • OR libgnutls28-32bit-3.2.15-18.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • BACK