{"affected":[{"ecosystem_specific":{"binaries":[{"freerdp":"2.0.0~git.1463131968.4e66df7-12.8.1","libfreerdp2":"2.0.0~git.1463131968.4e66df7-12.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP3","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.0~git.1463131968.4e66df7-12.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"freerdp":"2.0.0~git.1463131968.4e66df7-12.8.1","libfreerdp2":"2.0.0~git.1463131968.4e66df7-12.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Desktop 12 SP4","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.0~git.1463131968.4e66df7-12.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"freerdp-devel":"2.0.0~git.1463131968.4e66df7-12.8.1","libfreerdp2":"2.0.0~git.1463131968.4e66df7-12.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP3","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.0~git.1463131968.4e66df7-12.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"freerdp-devel":"2.0.0~git.1463131968.4e66df7-12.8.1","libfreerdp2":"2.0.0~git.1463131968.4e66df7-12.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP4","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.0~git.1463131968.4e66df7-12.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"freerdp":"2.0.0~git.1463131968.4e66df7-12.8.1","libfreerdp2":"2.0.0~git.1463131968.4e66df7-12.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP3","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.0~git.1463131968.4e66df7-12.8.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"freerdp":"2.0.0~git.1463131968.4e66df7-12.8.1","libfreerdp2":"2.0.0~git.1463131968.4e66df7-12.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP4","name":"freerdp","purl":"pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.0.0~git.1463131968.4e66df7-12.8.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for freerdp fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2018-0886: Fix a remote code execution vulnerability (CredSSP) (bsc#1085416, bsc#1087240, bsc#1104918)\n- CVE-2018-8789: Fix several denial of service vulnerabilities in the in the NTLM Authentication module (bsc#1117965)\n- CVE-2018-8785: Fix a potential remote code execution vulnerability in the zgfx_decompress function (bsc#1117967)\n- CVE-2018-8786: Fix a potential remote code execution vulnerability in the update_read_bitmap_update function (bsc#1117966)\n- CVE-2018-8787: Fix a potential remote code execution vulnerability in the gdi_Bitmap_Decompress function (bsc#1117964)\n- CVE-2018-8788: Fix a potential remote code execution vulnerability in the nsc_rle_decode function (bsc#1117963)\n- CVE-2018-8784: Fix a potential remote code execution vulnerability in the zgfx_decompress_segment function (bsc#1116708)\n- CVE-2018-1000852: Fixed a remote memory access in the drdynvc_process_capability_request function (bsc#1120507)\n","id":"SUSE-SU-2019:0134-1","modified":"2019-01-21T12:51:05Z","published":"2019-01-21T12:51:05Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190134-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1085416"},{"type":"REPORT","url":"https://bugzilla.suse.com/1087240"},{"type":"REPORT","url":"https://bugzilla.suse.com/1104918"},{"type":"REPORT","url":"https://bugzilla.suse.com/1116708"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117963"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117964"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117965"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117966"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117967"},{"type":"REPORT","url":"https://bugzilla.suse.com/1120507"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-0886"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8784"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8785"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8786"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8787"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8788"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-8789"}],"related":["CVE-2018-0886","CVE-2018-1000852","CVE-2018-8784","CVE-2018-8785","CVE-2018-8786","CVE-2018-8787","CVE-2018-8788","CVE-2018-8789"],"summary":"Security update for freerdp","upstream":["CVE-2018-0886","CVE-2018-1000852","CVE-2018-8784","CVE-2018-8785","CVE-2018-8786","CVE-2018-8787","CVE-2018-8788","CVE-2018-8789"]}