Bug 1085416 (CVE-2018-0886)

Summary: FreeRDP/Remmina can not connect to Windows 7-10 with March 2018 updates
Product: [openSUSE] openSUSE Distribution
Reporter: Johannes Weberhofer <jweberhofer>
Component: Other
Assignee: Felix Zhang <fezhang>
Status: RESOLVED FIXED
QA Contact: E-mail List <qa-bugs>
Severity: Major
Priority: P5 - None
CC: astieger, bruno, fezhang, gber, hvdheuvel, jweberhofer, mpluskal, mszeliga, rfrohl, rronnander, winrar+suse.com
Version: Leap 42.3
Target Milestone: ---
Hardware: Other
OS: Other

Description Johannes Weberhofer 2018-03-15 07:33:14 UTC
This issue results from a fix for Windows, "CredSSP updates for CVE-2018-0886", as described in https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018

Windows 10 (KB4088776)
Windows Server 2016 (KB4088787)
Windows 8.1 (KB4088876)
Windows Server 2012 R2 (KB4088876)
Windows 7 SP1 (KB4088875)
Windows Server 2008 R2 SP1 (KB4088875)

The related FreeRDP/Remmina tickets are:
* https://github.com/FreeRDP/Remmina/issues/1513
* https://github.com/FreeRDP/FreeRDP/issues/4449
Comment 1 Swamp Workflow Management 2018-03-15 09:40:07 UTC
This is an autogenerated message for OBS integration:
This bug (1085416) was mentioned in
https://build.opensuse.org/request/show/587441 42.3 / freerdp
Comment 2 Andreas Stieger 2018-03-15 11:29:07 UTC
In Leap 42.3 this package is inherited from SUSE:SLE-12-SP2:Update/freerdp.
Assume that this affects SLE 12 as well, assigning to SLE bugowner.

That being said, we could fork the package in Leap, even if this is not generally desired. Please let maintenance know.
Comment 3 Martin Pluskal 2018-03-21 13:27:35 UTC
We have a submission from a community user in https://build.opensuse.org/request/show/589700

I guess that we, however, want to resolve this for SLE as well.
Comment 5 Maciej Szeliga 2018-03-21 13:54:54 UTC
This is quite critical for people working in mixed environments; they are not able to uninstall the Microsoft fix just because Linux can't connect.

KRDC has the same problem but rdesktop is working (but rdesktop has some funny screen issues with Radeon cards).
Comment 6 Johannes Weberhofer 2018-03-21 14:00:36 UTC
rdesktop doesn't use xfreerdp IMHO.
Comment 7 Andreas Stieger 2018-03-21 14:02:34 UTC
We can trigger parallel updates.
Comment 8 Andreas Stieger 2018-03-21 14:03:55 UTC
Processed for openSUSE Maintenance. Test update packages will appear in:
http://download.opensuse.org/repositories/openSUSE:/Maintenance:/7928/
http://download.opensuse.org/update/leap/42.3-test/
Comment 10 Wolfgang Bauer 2018-03-21 19:45:50 UTC
*** Bug 1086109 has been marked as a duplicate of this bug. ***
Comment 11 Swamp Workflow Management 2018-03-23 23:07:41 UTC
openSUSE-RU-2018:0791-1: An update that has one recommended fix can now be installed.

Category: recommended (important)
Bug References: 1085416
CVE References: 
Sources used:
openSUSE Leap 42.3 (src):    freerdp-2.0.0~git.1463131968.4e66df7-9.1
Comment 12 Johannes Weberhofer 2018-05-23 10:01:20 UTC
*** Bug 1086546 has been marked as a duplicate of this bug. ***
Comment 15 Swamp Workflow Management 2019-01-21 17:12:15 UTC
SUSE-SU-2019:0134-1: An update that solves 8 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1085416,1087240,1104918,1116708,1117963,1117964,1117965,1117966,1117967,1120507
CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    freerdp-2.0.0~git.1463131968.4e66df7-12.8.1
Comment 16 Swamp Workflow Management 2019-01-29 14:22:08 UTC
openSUSE-SU-2019:0096-1: An update that solves 8 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1085416,1087240,1104918,1116708,1117963,1117964,1117965,1117966,1117967,1120507
CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789
Sources used:
openSUSE Leap 42.3 (src):    freerdp-2.0.0~git.1463131968.4e66df7-13.1
Comment 17 Swamp Workflow Management 2019-03-04 20:56:51 UTC
SUSE-SU-2019:0539-1: An update that solves 8 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1085416,1087240,1103557,1104918,1112028,1116708,1117963,1117964,1117965,1117966,1117967,1120507
CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    freerdp-2.0.0~rc4-3.3.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    freerdp-2.0.0~rc4-3.3.1
Comment 18 Swamp Workflow Management 2019-03-13 23:14:33 UTC
openSUSE-SU-2019:0325-1: An update that solves 8 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1085416,1087240,1103557,1104918,1112028,1116708,1117963,1117964,1117965,1117966,1117967,1120507
CVE References: CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789
Sources used:
openSUSE Leap 15.0 (src):    freerdp-2.0.0~rc4-lp150.2.3.1
Comment 21 Swamp Workflow Management 2020-08-18 19:15:31 UTC
SUSE-SU-2020:2272-1: An update that fixes 46 vulnerabilities is now available.

Category: security (important)
Bug References: 1004108,1050699,1050704,1050708,1050711,1050712,1050714,1085416,1087240,1090677,1103557,1104918,1112028,1116708,1117963,1117964,1117965,1117966,1117967,1120507,1129193,1169679,1169748,1171441,1171443,1171444,1171445,1171446,1171447,1171674,1173247,1173605,1174200,1174321
CVE References: CVE-2017-2834,CVE-2017-2835,CVE-2017-2836,CVE-2017-2837,CVE-2017-2838,CVE-2017-2839,CVE-2018-0886,CVE-2018-1000852,CVE-2018-8784,CVE-2018-8785,CVE-2018-8786,CVE-2018-8787,CVE-2018-8788,CVE-2018-8789,CVE-2020-11017,CVE-2020-11018,CVE-2020-11019,CVE-2020-11038,CVE-2020-11039,CVE-2020-11040,CVE-2020-11041,CVE-2020-11043,CVE-2020-11085,CVE-2020-11086,CVE-2020-11087,CVE-2020-11088,CVE-2020-11089,CVE-2020-11095,CVE-2020-11096,CVE-2020-11097,CVE-2020-11098,CVE-2020-11099,CVE-2020-11521,CVE-2020-11522,CVE-2020-11523,CVE-2020-11524,CVE-2020-11525,CVE-2020-11526,CVE-2020-13396,CVE-2020-13397,CVE-2020-13398,CVE-2020-15103,CVE-2020-4030,CVE-2020-4031,CVE-2020-4032,CVE-2020-4033
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    freerdp-2.1.2-12.20.1, vinagre-3.20.2-16.3.3
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    freerdp-2.1.2-12.20.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.