[El-errata] ELSA-2026-16019 Moderate: Oracle Linux 8 freerdp security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu May 14 22:43:20 UTC 2026
Oracle Linux Security Advisory ELSA-2026-16019
http://linux.oracle.com/errata/ELSA-2026-16019.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
freerdp-2.11.7-9.el8_10.x86_64.rpm
freerdp-devel-2.11.7-9.el8_10.i686.rpm
freerdp-devel-2.11.7-9.el8_10.x86_64.rpm
freerdp-libs-2.11.7-9.el8_10.i686.rpm
freerdp-libs-2.11.7-9.el8_10.x86_64.rpm
libwinpr-2.11.7-9.el8_10.i686.rpm
libwinpr-2.11.7-9.el8_10.x86_64.rpm
libwinpr-devel-2.11.7-9.el8_10.i686.rpm
libwinpr-devel-2.11.7-9.el8_10.x86_64.rpm
aarch64:
freerdp-2.11.7-9.el8_10.aarch64.rpm
freerdp-devel-2.11.7-9.el8_10.aarch64.rpm
freerdp-libs-2.11.7-9.el8_10.aarch64.rpm
libwinpr-2.11.7-9.el8_10.aarch64.rpm
libwinpr-devel-2.11.7-9.el8_10.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/freerdp-2.11.7-9.el8_10.src.rpm
Related CVEs:
CVE-2026-25952
CVE-2026-26986
CVE-2026-27951
CVE-2026-29775
CVE-2026-31883
CVE-2026-31884
CVE-2026-31885
CVE-2026-33985
Description of changes:
[2:2.11.7-9]
- Lock appWindow to fix use-after-free in RAIL mode (CVE-2026-25952)
Resolves: RHEL-159850
[2:2.11.7-8]
- Fix double free in xf_rail_window_common cleanup (CVE-2026-26986)
- Fix growth of preallocated buffers (CVE-2026-27951)
- Fix heap-buffer-overflow in bitmap_cache_put (CVE-2026-29775)
- Add DSP format checks (CVE-2026-31884)
- Fix DSP array bounds checks (CVE-2026-31883)
- Fix DSP array bounds checks (CVE-2026-31885)
- Update CLEAR_GLYPH_ENTRY::count after alloc (CVE-2026-33985)
Resolves: RHEL-159806, RHEL-155468, RHEL-161037, RHEL-161472
Resolves: RHEL-161508, RHEL-161075, RHEL-167794
More information about the El-errata
mailing list