Release date:
2026-06-06 00:21:49 UTC
Description:
- CVE-2026-45700: fix out-of-bounds heap write in the RLE planar bitmap decoder; validate the destination X coordinate against the temp buffer stride (nTempStep) instead of the caller-provided destination stride (nDstStep)
- CVE-2026-44421: fix out-of-bounds heap write in gdi_CacheToSurface; copy only the validated, UINT16-clamped destination rectangle dimensions instead of the untruncated cache entry width/height
Updated packages:
-
freerdp-2.1.1-5.el7_9.tuxcare.els22.x86_64.rpm
sha:2ecb35627684042c937b748b735d8a8af278a4ab8e0ba3102afcd790d2203898
-
freerdp-devel-2.1.1-5.el7_9.tuxcare.els22.i686.rpm
sha:d6bd3182339ea472e949c1aad0fee6f1ed0544ec667636f2cfee9c3453fea492
-
freerdp-devel-2.1.1-5.el7_9.tuxcare.els22.x86_64.rpm
sha:6b2ca77f2689196f4f4cd76cc166fc33618c65960d2c8c27d13eff8df7c32a42
-
freerdp-libs-2.1.1-5.el7_9.tuxcare.els22.i686.rpm
sha:754f0a7616cb2208a1ab342b4c4886d6fa3096d92824375f60f73b42ba72566c
-
freerdp-libs-2.1.1-5.el7_9.tuxcare.els22.x86_64.rpm
sha:7c63140c95b6fe2e7c96016ad3a8a056c21a6a4ce27110f2f7f1cae0e9c8c3c6
-
libwinpr-2.1.1-5.el7_9.tuxcare.els22.i686.rpm
sha:526cdfc18a902c19d9d3cdcf9bad486bd653883c8eae021d7a8263db05d6cc0a
-
libwinpr-2.1.1-5.el7_9.tuxcare.els22.x86_64.rpm
sha:bce9284f62d13791ed51db09b244693a9d24100bf41bd714ffa8f502330713d6
-
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els22.i686.rpm
sha:54f740e5dd8b71cb453c9b70d9efe6e94a58214c2cd06d5c95f57a1cdadbdb19
-
libwinpr-devel-2.1.1-5.el7_9.tuxcare.els22.x86_64.rpm
sha:fd97f34b6f8cd5eab64df051934c5412785c309123a9701569c821fa48a60c72
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
