-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                              ESB-2018.3856.2
                          FreeRDP vulnerabilities
                                29 May 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           freerdp
                   freerdp2
Publisher:         Ubuntu
Operating System:  Ubuntu
                   Linux variants
                   Windows
                   Mac OS
Impact/Access:     Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-8789 CVE-2018-8788 CVE-2018-8787
                   CVE-2018-8786 CVE-2018-8785 CVE-2018-8784

Original Bulletin: 
   http://www.ubuntu.com/usn/usn-3845-1
   https://usn.ubuntu.com/3845-2/

Comment: This bulletin contains two (2) Ubuntu security advisories.
         
         This advisory references vulnerabilities in products which run on 
         platforms other than Ubuntu. It is recommended that administrators 
         running freerdp or freerdp2 check for an updated version of the 
         software for their operating system.

Revision History:  May      29 2019: Added USN-3845-2
                   December 13 2018: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

==========================================================================
Ubuntu Security Notice USN-3845-1
December 12, 2018

freerdp, freerdp2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its 
derivatives:

- - Ubuntu 18.10
- - Ubuntu 18.04 LTS
- - Ubuntu 16.04 LTS
- - Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in FreeRDP.

Software Description:
- - freerdp2: RDP client for Windows Terminal Services
- - freerdp: RDP client for Windows Terminal Services

Details:

Eyal Itkin discovered FreeRDP incorrectly handled certain stream 
encodings.  A malicious server could use this issue to cause 
FreeRDP to crash, resulting in a denial of service, or possibly 
execute arbitrary code. This issue only applies to Ubuntu 18.04 
LTS and Ubuntu 18.10. (CVE-2018-8784, CVE-2018-8785)

Eyal Itkin discovered FreeRDP incorrectly handled bitmaps.  A 
malicious server could use this issue to cause FreeRDP to crash, 
resulting in a denial of service, or possibly execute arbitrary 
code. (CVE-2018-8786, CVE-2018-8787)

Eyal Itkin discovered FreeRDP incorrectly handled certain stream 
encodings.  A malicious server could use this issue to cause 
FreeRDP to crash, resulting in a denial of service, or possibly 
execute arbitrary code. This issue only applies to Ubuntu 16.04 
LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8788)

Eyal Itkin discovered FreeRDP incorrectly handled NTLM 
authentication.  A malicious server could use this issue to cause 
FreeRDP to crash, resulting in a denial of service, or possibly 
execute arbitrary code. This issue only applies to Ubuntu 16.04 
LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8789)

Update instructions:

The problem can be corrected by updating your system to the 
following package versions:

Ubuntu 18.10:
  libfreerdp-client2-2            2.0.0~git20180411.1.7a7b1802+dfsg1-2ubuntu0.1
  libfreerdp2-2                   2.0.0~git20180411.1.7a7b1802+dfsg1-2ubuntu0.1

Ubuntu 18.04 LTS:
  libfreerdp-client2-2            2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1
  libfreerdp2-2                   2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1

Ubuntu 16.04 LTS:
  libfreerdp-client1.1            1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3

Ubuntu 14.04 LTS:
  libfreerdp1                     1.0.2-2ubuntu1.2

In general, a standard system update will make all the necessary 
changes.

References:
  https://usn.ubuntu.com/usn/usn-3845-1
  CVE-2018-8784, CVE-2018-8785, CVE-2018-8786, CVE-2018-8787, 
  CVE-2018-8788, CVE-2018-8789

Package Information:
  https://launchpad.net/ubuntu/+source/freerdp2/2.0.0~git20180411.1.7a7b1802+dfsg1-2ubuntu0.1
  https://launchpad.net/ubuntu/+source/freerdp2/2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1
  https://launchpad.net/ubuntu/+source/freerdp/1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3
  https://launchpad.net/ubuntu/+source/freerdp/1.0.2-2ubuntu1.2


- ---------------------------------------------------------------------------------

USN-3845-2: FreeRDP vulnerabilities
28 May 2019

freerdp vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:

  o Ubuntu 18.10
  o Ubuntu 18.04 LTS

Summary

Several security issues were fixed in FreeRDP.

Software Description

  o freerdp - RDP client for Windows Terminal Services

Details

USN-3845-1 fixed several vulnerabilities in FreeRDP, updating the freerdp2
packages on Ubuntu 18.04 LTS and Ubuntu 18.10. This update provides the
corresponding fix for the older freerdp (1.1) packages that those two releases
also ship (libfreerdp-client1.1), which USN-3845-1 did not cover; as the
References below indicate, it addresses CVE-2018-8786 through CVE-2018-8789.

Original advisory details:

Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A
malicious server could use this issue to cause FreeRDP to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only applies
to Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8784, CVE-2018-8785)

Eyal Itkin discovered FreeRDP incorrectly handled bitmaps. A malicious server
could use this issue to cause FreeRDP to crash, resulting in a denial of
service, or possibly execute arbitrary code. (CVE-2018-8786, CVE-2018-8787)

Eyal Itkin discovered FreeRDP incorrectly handled certain stream encodings. A
malicious server could use this issue to cause FreeRDP to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only applies
to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8788)

Eyal Itkin discovered FreeRDP incorrectly handled NTLM authentication. A
malicious server could use this issue to cause FreeRDP to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only applies
to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-8789)

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 18.10
    libfreerdp-client1.1 - 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1
Ubuntu 18.04 LTS
    libfreerdp-client1.1 - 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.04.1

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades

In general, a standard system update will make all the necessary changes.
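The two package lists above (USN-3845-1 and USN-3845-2) are easy to misread when
checking a fleet: the fixed versions are ~git snapshots, which dpkg orders
before the plain 2.0.0 release, and a host that took USN-3845-1 may still be
running the older freerdp 1.1 library that USN-3845-2 fixes. The Python script
below is an added example, not part of the Ubuntu notices or of AusCERT's
bulletin, that audits a host against the fixed versions from both notices. It
reimplements dpkg's version-comparison algorithm so that it runs, and can be
tested, without dpkg; the FIXED_VERSIONS table is copied from the lists above,
the dpkg-query output it parses is a constructed sample, and on a real host you
would feed it the output of dpkg-query -W -f='${Package} ${Version}\n'
'libfreerdp*'.

```python
"""Audit installed FreeRDP packages against the fixed versions in USN-3845-1/-2.

Added example (not Ubuntu's or AusCERT's tooling). The version comparison is a
port of dpkg's verrevcmp() so the check runs without dpkg; on an Ubuntu host,
feed it the output of:  dpkg-query -W -f='${Package} ${Version}\n' 'libfreerdp*'
The installed-package sample at the bottom is constructed for illustration.
"""

# Fixed versions copied from the bulletin, keyed by release then binary package.
FIXED_VERSIONS = {
    "18.10": {
        "libfreerdp-client2-2": "2.0.0~git20180411.1.7a7b1802+dfsg1-2ubuntu0.1",
        "libfreerdp2-2": "2.0.0~git20180411.1.7a7b1802+dfsg1-2ubuntu0.1",
        "libfreerdp-client1.1": "1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.10.1",  # USN-3845-2
    },
    "18.04": {
        "libfreerdp-client2-2": "2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1",
        "libfreerdp2-2": "2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1",
        "libfreerdp-client1.1": "1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1.18.04.1",  # USN-3845-2
    },
    "16.04": {"libfreerdp-client1.1": "1.1.0~git20140921.1.440916e+dfsg1-5ubuntu1.3"},
    "14.04": {"libfreerdp1": "1.0.2-2ubuntu1.2"},
}


def _order(c: str) -> int:
    """Character weight as in dpkg: '~' sorts before anything, including the end
    of the string; letters sort before other non-digits; digits are compared
    numerically by the caller and get weight 0 here."""
    if c == "~":
        return -1
    if c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _verrevcmp(a: str, b: str) -> int:
    """Port of dpkg's verrevcmp(): alternately compare non-digit runs by
    character weight and digit runs numerically (leading zeros ignored)."""
    while a or b:
        first_diff = 0
        while (a and not a[0].isdigit()) or (b and not b[0].isdigit()):
            ac = _order(a[0]) if a else 0   # end of string weighs 0, so "1.0" > "1.0~git"
            bc = _order(b[0]) if b else 0
            if ac != bc:
                return ac - bc
            a, b = a[1:], b[1:]
        a, b = a.lstrip("0"), b.lstrip("0")
        while a and b and a[0].isdigit() and b[0].isdigit():
            if not first_diff:
                first_diff = ord(a[0]) - ord(b[0])
            a, b = a[1:], b[1:]
        if a and a[0].isdigit():   # a has more digits: larger number
            return 1
        if b and b[0].isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version: str):
    """Split 'epoch:upstream-revision' into (epoch, upstream, revision)."""
    epoch, sep, rest = version.partition(":")
    if not sep:
        epoch, rest = "0", version
    if "-" in rest:
        upstream, _, revision = rest.rpartition("-")   # last '-' starts the Debian revision
    else:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def compare_versions(a: str, b: str) -> int:
    """Return <0, 0 or >0, matching `dpkg --compare-versions a lt|eq|gt b`."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return ea - eb
    return _verrevcmp(ua, ub) or _verrevcmp(ra, rb)


def parse_dpkg_query(text: str) -> dict:
    """Parse 'package version' lines as printed by dpkg-query -W -f='${Package} ${Version}\n'."""
    installed = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            installed[parts[0]] = parts[1]
    return installed


def audit(installed: dict, release: str) -> dict:
    """Classify every package the bulletin names for this release as
    'not installed', 'VULNERABLE (...)' or 'ok (...)'."""
    result = {}
    for pkg, fixed in FIXED_VERSIONS[release].items():
        have = installed.get(pkg)
        if have is None:
            result[pkg] = "not installed"
        elif compare_versions(have, fixed) < 0:
            result[pkg] = f"VULNERABLE ({have} < {fixed})"
        else:
            result[pkg] = f"ok ({have})"
    return result


# Constructed sample: an 18.04 host that took USN-3845-1 for libfreerdp2-2 but
# still carries the freerdp 1.1 library from before USN-3845-2 (hypothetical
# pre-update revision -15ubuntu1 is assumed for illustration).
SAMPLE_DPKG_OUTPUT = """\
libfreerdp2-2 2.0.0~git20170725.1.1648deb+dfsg1-7ubuntu0.1
libfreerdp-client1.1 1.1.0~git20140921.1.440916e+dfsg1-15ubuntu1
"""

if __name__ == "__main__":
    for pkg, status in audit(parse_dpkg_query(SAMPLE_DPKG_OUTPUT), "18.04").items():
        print(f"{pkg:24} {status}")
```

On an Ubuntu host the same ordering is available directly as
dpkg --compare-versions A lt B; the reimplementation here exists only so the
audit can run and be tested off-box, for example against dpkg-query output
collected from many machines.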

References

  o USN-3845-1
  o CVE-2018-8786
  o CVE-2018-8787
  o CVE-2018-8788
  o CVE-2018-8789

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----