NS-SA-2019-0204
2019-10-14 19:29:28
Summary
important: linux-firmware/freerdp security update
Severity
important
Topic
An update for linux-firmware/freerdp is now available for NewStart CGSL MAIN 5.04/CGSL CORE 5.04.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
linux-firmware: This package contains the firmware required by the iwlagn driver for Linux to support the iwl100 hardware. Usage of the firmware is subject to the terms and conditions contained inside the provided LICENSE file. Please read it carefully.
freerdp: The xfreerdp & wlfreerdp Remote Desktop Protocol (RDP) clients from the FreeRDP project. xfreerdp & wlfreerdp can connect to RDP servers such as Microsoft Windows machines, xrdp and VirtualBox.
Security Fix(es):
linux-firmware: A vulnerability in Bluetooth pairing potentially allows an attacker with physical proximity (within 30 meters) to gain unauthorized access via an adjacent network, intercept traffic and send forged pairing messages between two vulnerable Bluetooth devices. This may result in information disclosure, elevation of privilege and/or denial of service. (CVE-2018-5383)
linux-firmware: bugfix
freerdp: FreeRDP 2.0.0-rc3, in released versions before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3, contains an Other/Unknown vulnerability in the drdynvc_process_capability_request function of channels/drdynvc/client/drdynvc_main.c that can result in the RDP server reading the client's memory. The attack appears to be exploitable when the RDP client connects to the RDP server with the echo option. The vulnerability appears to have been fixed after commit 205c612820dac644d665b5bb1cdf437dc5ca01e3. (CVE-2018-1000852)
freerdp: bugfix
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F18.
Affected Components
Affected Products
- CGSL MAIN 5.04
- CGSL CORE 5.04
Updated Packages
{"fix":[{"product":"CGSL MAIN 5.04","pkgs":[{"binary":["iwl100-firmware-39.31.5.1-72.el7.cgslv5.noarch.rpm","iwl1000-firmware-39.31.5.1-72.el7.cgslv5.noarch.rpm","iwl105-firmware-18.168.6.1-72.el7.cgslv5.noarch.rpm","iwl135-firmware-18.168.6.1-72.el7.cgslv5.noarch.rpm","iwl2000-firmware-18.168.6.1-72.el7.cgslv5.noarch.rpm","iwl2030-firmware-18.168.6.1-72.el7.cgslv5.noarch.rpm","iwl3160-firmware-22.0.7.0-72.el7.cgslv5.noarch.rpm","iwl3945-firmware-15.32.2.9-72.el7.cgslv5.noarch.rpm","linux-firmware-20190429-72.gitddde598.el7.cgslv5.noarch.rpm","iwl4965-firmware-228.61.2.24-72.el7.cgslv5.noarch.rpm","iwl5000-firmware-8.83.5.1_1-72.el7.cgslv5.noarch.rpm","iwl5150-firmware-8.24.2.2-72.el7.cgslv5.noarch.rpm","iwl6000-firmware-9.221.4.1-72.el7.cgslv5.noarch.rpm","iwl6000g2a-firmware-17.168.5.3-72.el7.cgslv5.noarch.rpm","iwl6000g2b-firmware-17.168.5.2-72.el7.cgslv5.noarch.rpm","iwl6050-firmware-41.28.5.1-72.el7.cgslv5.noarch.rpm","iwl7260-firmware-22.0.7.0-72.el7.cgslv5.noarch.rpm","iwl7265-firmware-22.0.7.0-72.el7.cgslv5.noarch.rpm"],"source":"linux-firmware-20190429-72.gitddde598.el7.cgslv5.src.rpm"},{"binary":["freerdp-2.0.0-1.rc4.el7.x86_64.rpm","freerdp-debuginfo-2.0.0-1.rc4.el7.x86_64.rpm","freerdp-devel-2.0.0-1.rc4.el7.x86_64.rpm","freerdp-libs-2.0.0-1.rc4.el7.x86_64.rpm","libwinpr-2.0.0-1.rc4.el7.x86_64.rpm","libwinpr-devel-2.0.0-1.rc4.el7.x86_64.rpm"],"source":"freerdp-2.0.0-1.rc4.el7.src.rpm"}]},{"product":"CGSL CORE 
5.04","pkgs":[{"binary":["iwl100-firmware-39.31.5.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl1000-firmware-39.31.5.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl105-firmware-18.168.6.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl135-firmware-18.168.6.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl2000-firmware-18.168.6.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl2030-firmware-18.168.6.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl3160-firmware-22.0.7.0-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl3945-firmware-15.32.2.9-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl4965-firmware-228.61.2.24-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl5000-firmware-8.83.5.1_1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl5150-firmware-8.24.2.2-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl6000-firmware-9.221.4.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl6000g2a-firmware-17.168.5.3-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl6000g2b-firmware-17.168.5.2-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","linux-firmware-20190429-72.gitddde598.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl6050-firmware-41.28.5.1-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","linux-firmware-core-20190429-72.gitddde598.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl7260-firmware-22.0.7.0-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","iwl7265-firmware-22.0.7.0-72.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm","linux-firmware-other-20190429-72.gitddde598.el7.cgslv5.0.4.gaf514ec.lite.noarch.rpm"],"source":"linux-firmware-20190429-72.gitddde598.el7.cgslv5.0.4.gaf514ec.lite.src.rpm"},{"binary":["freerdp-2.0.0-1.rc4.el7.x86_64.rpm","freerdp-debuginfo-2.0.0-1.rc4.el7.x86_64.rpm","freerdp-devel-2.0.0-1.rc4.el7.x86_64.rpm","freerdp-libs-2.0.0-1.rc4.el7.x86_64.rpm","libwinpr-2.0.0-1.rc4.el7.x86_64.rpm","libwinpr-devel-2.0.0-1.rc4.el7.x86_64.rpm"],"source":"freerdp-2.0.0-1.rc4.el7.src.rpm"}]}]}
CVE
References