Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.4.1
@ 2021-10-21 16:55 Fabrice Fontaine
  2021-10-24 14:04 ` Thomas Petazzoni
  2021-10-26 12:15 ` Peter Korsgaard
  0 siblings, 2 replies; 3+ messages in thread
From: Fabrice Fontaine @ 2021-10-21 16:55 UTC (permalink / raw)
  To: buildroot; +Cc: Yann E . MORIN, Fabrice Fontaine

- Fix CVE-2021-41159: Improper client input validation for gateway
  connections allows to overwrite memory
- Fix CVE-2021-41160: Improper region checks in all clients allow out of
  bound write to memory

https://github.com/FreeRDP/FreeRDP/releases/tag/2.4.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
 package/freerdp/freerdp.hash | 4 ++--
 package/freerdp/freerdp.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/freerdp/freerdp.hash b/package/freerdp/freerdp.hash
index a6cc16c9ad..637e57e8b0 100644
--- a/package/freerdp/freerdp.hash
+++ b/package/freerdp/freerdp.hash
@@ -1,5 +1,5 @@
-# From https://pub.freerdp.com/releases/freerdp-2.4.0.tar.gz.sha256
-sha256  10ec9b06d74182b354ae288c8e621d94c0fb189b0c3b14a59867ab4c414c08b5  freerdp-2.4.0.tar.gz
+# From https://pub.freerdp.com/releases/freerdp-2.4.1.tar.gz.sha256
+sha256  ef75c87926643a0d0041f6556e343ac037380d4260c64885e7cdd20da0147edf  freerdp-2.4.1.tar.gz
 
 # Locally calculated
 sha256  cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30  LICENSE
diff --git a/package/freerdp/freerdp.mk b/package/freerdp/freerdp.mk
index 1ff6feeaa7..40a3904024 100644
--- a/package/freerdp/freerdp.mk
+++ b/package/freerdp/freerdp.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FREERDP_VERSION = 2.4.0
+FREERDP_VERSION = 2.4.1
 FREERDP_SITE = https://pub.freerdp.com/releases
 FREERDP_DEPENDENCIES = libglib2 openssl zlib
 FREERDP_LICENSE = Apache-2.0
-- 
2.33.0

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.4.1
  2021-10-21 16:55 [Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.4.1 Fabrice Fontaine
@ 2021-10-24 14:04 ` Thomas Petazzoni
  2021-10-26 12:15 ` Peter Korsgaard
  1 sibling, 0 replies; 3+ messages in thread
From: Thomas Petazzoni @ 2021-10-24 14:04 UTC (permalink / raw)
  To: Fabrice Fontaine; +Cc: Yann E . MORIN, buildroot

On Thu, 21 Oct 2021 18:55:32 +0200
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:

> - Fix CVE-2021-41159: Improper client input validation for gateway
>   connections allows to overwrite memory
> - Fix CVE-2021-41160: Improper region checks in all clients allow out of
>   bound write to memory
> 
> https://github.com/FreeRDP/FreeRDP/releases/tag/2.4.1
> 
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
>  package/freerdp/freerdp.hash | 4 ++--
>  package/freerdp/freerdp.mk   | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.4.1
  2021-10-21 16:55 [Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.4.1 Fabrice Fontaine
  2021-10-24 14:04 ` Thomas Petazzoni
@ 2021-10-26 12:15 ` Peter Korsgaard
  1 sibling, 0 replies; 3+ messages in thread
From: Peter Korsgaard @ 2021-10-26 12:15 UTC (permalink / raw)
  To: Fabrice Fontaine; +Cc: Yann E . MORIN, buildroot

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:

 > - Fix CVE-2021-41159: Improper client input validation for gateway
 >   connections allows to overwrite memory
 > - Fix CVE-2021-41160: Improper region checks in all clients allow out of
 >   bound write to memory

 > https://github.com/FreeRDP/FreeRDP/releases/tag/2.4.1

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>

Committed to 2021.02.x and 2021.08.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-10-26 12:15 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-10-21 16:55 [Buildroot] [PATCH 1/1] package/freerdp: security bump to version 2.4.1 Fabrice Fontaine
2021-10-24 14:04 ` Thomas Petazzoni
2021-10-26 12:15 ` Peter Korsgaard

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox