{"schema_version":"1.7.2","id":"OESA-2023-1763","modified":"2023-10-27T11:06:10Z","published":"2023-10-27T11:06:10Z","upstream":["CVE-2020-4030"],"summary":"freerdp security update","details":"FreeRDP is a client implementation of the Remote Desktop Protocol (RDP) that follows Microsoft\u0026apos;s open specifications. This package provides the client applications xfreerdp and wlfreerdp.\r\n\r\nSecurity Fix(es):\r\n\r\nIn FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.(CVE-2020-4030)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"freerdp","purl":"pkg:rpm/openEuler/freerdp\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.11.1-1.oe1"}]}],"ecosystem_specific":{"aarch64":["freerdp-help-2.11.1-1.oe1.aarch64.rpm","freerdp-2.11.1-1.oe1.aarch64.rpm","libwinpr-devel-2.11.1-1.oe1.aarch64.rpm","freerdp-devel-2.11.1-1.oe1.aarch64.rpm","libwinpr-2.11.1-1.oe1.aarch64.rpm","freerdp-debugsource-2.11.1-1.oe1.aarch64.rpm","freerdp-debuginfo-2.11.1-1.oe1.aarch64.rpm"],"src":["freerdp-2.11.1-1.oe1.src.rpm"],"x86_64":["libwinpr-2.11.1-1.oe1.x86_64.rpm","freerdp-help-2.11.1-1.oe1.x86_64.rpm","freerdp-debuginfo-2.11.1-1.oe1.x86_64.rpm","libwinpr-devel-2.11.1-1.oe1.x86_64.rpm","freerdp-debugsource-2.11.1-1.oe1.x86_64.rpm","freerdp-devel-2.11.1-1.oe1.x86_64.rpm","freerdp-2.11.1-1.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2023-1763"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-4030"}],"database_specific":{"severity":"Medium"}}