[El-errata] ELSA-2026-16482 Moderate: Oracle Linux 9 freerdp security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu May 14 22:42:46 UTC 2026
Oracle Linux Security Advisory ELSA-2026-16482
http://linux.oracle.com/errata/ELSA-2026-16482.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
freerdp-2.11.7-1.el9_7.7.x86_64.rpm
freerdp-devel-2.11.7-1.el9_7.7.i686.rpm
freerdp-devel-2.11.7-1.el9_7.7.x86_64.rpm
freerdp-libs-2.11.7-1.el9_7.7.i686.rpm
freerdp-libs-2.11.7-1.el9_7.7.x86_64.rpm
libwinpr-2.11.7-1.el9_7.7.i686.rpm
libwinpr-2.11.7-1.el9_7.7.x86_64.rpm
libwinpr-devel-2.11.7-1.el9_7.7.i686.rpm
libwinpr-devel-2.11.7-1.el9_7.7.x86_64.rpm
aarch64:
freerdp-2.11.7-1.el9_7.7.aarch64.rpm
freerdp-devel-2.11.7-1.el9_7.7.aarch64.rpm
freerdp-libs-2.11.7-1.el9_7.7.aarch64.rpm
libwinpr-2.11.7-1.el9_7.7.aarch64.rpm
libwinpr-devel-2.11.7-1.el9_7.7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/freerdp-2.11.7-1.el9_7.7.src.rpm
Related CVEs:
CVE-2026-25952
CVE-2026-26986
CVE-2026-27951
CVE-2026-29775
CVE-2026-31883
CVE-2026-31884
CVE-2026-31885
CVE-2026-33985
Description of changes:
[2:2.11.7-1.7]
- Fix double free in xf_rail_window_common cleanup (CVE-2026-26986)
- Fix growth of preallocated buffers (CVE-2026-27951)
- Fix heap-buffer-overflow in bitmap_cache_put (CVE-2026-29775)
- Add DSP format checks (CVE-2026-31884)
- Fix DSP array bounds checks (CVE-2026-31883)
- Fix DSP array bounds checks (CVE-2026-31885)
- Update CLEAR_GLYPH_ENTRY::count after alloc (CVE-2026-33985)
Resolves: RHEL-159815, RHEL-155477, RHEL-161046, RHEL-161481
Resolves: RHEL-161517, RHEL-161084, RHEL-167803
More information about the El-errata
mailing list