mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-04 14:39:54 +00:00
Code Issues Projects Releases Wiki Activity

freerdp: patch CVE-2024-32661

Browse Source 
Pick commit [1] as mentioned in [2] or [3].

[1] https://github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793
[2] https://nvd.nist.gov/vuln/detail/CVE-2024-32661
[3] https://security-tracker.debian.org/tracker/CVE-2024-32661

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Peter Marko
2025-03-20 21:26:04 +01:00
committed by Khem Raj
parent 115faefc47
commit c91d6a2c65
2 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-support/freerdp/freerdp/CVE-2024-32661.patch
+27
View File
@@ -0,0 +1,27 @@
From 71e463e31b4d69f4022d36bfc814592f56600793 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Sun, 21 Apr 2024 13:56:13 +0200
Subject: [PATCH] [core,info] fix missing check in rdp_write_logon_info_v1
CVE: CVE-2024-32661
Upstream-Status: Backport [https://github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
libfreerdp/core/info.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libfreerdp/core/info.c b/libfreerdp/core/info.c
index 7d6eec137..3395e4d2e 100644
--- a/libfreerdp/core/info.c
+++ b/libfreerdp/core/info.c
@@ -1322,6 +1322,10 @@ static BOOL rdp_write_logon_info_v1(wStream* s, logon_info* info)
return FALSE;
/* domain */
+ WINPR_ASSERT(info);
+ if (!info->domain || !info->username)
+ return FALSE;
+
ilen = ConvertToUnicode(CP_UTF8, 0, info->domain, -1, &wString, 0);
if (ilen < 0)
meta-oe/recipes-support/freerdp/freerdp_2.11.7.bb
+1
View File
@@ -20,6 +20,7 @@ SRC_URI = "git://github.com/FreeRDP/FreeRDP.git;branch=stable-2.0;protocol=https
file://0001-Fix-const-qualifier-error.patch \
file://0002-Do-not-install-tools-a-CMake-targets.patch \
file://0001-Fixed-compilation-warnings-in-ainput-channel.patch \
file://CVE-2024-32661.patch \
"
S = "${WORKDIR}/git"