Fix CVE-2024-32661

(cherry picked from commit 4bddea79bbdd874d2512a3bac68ee2f10129ee82)

CVE-2024-32661.patch

@@ -0,0 +1,25 @@
+From 71e463e31b4d69f4022d36bfc814592f56600793 Mon Sep 17 00:00:00 2001
+From: akallabeth <akallabeth@posteo.net>
+Date: Sun, 21 Apr 2024 13:56:13 +0200
+Subject: [PATCH] [core,info] fix missing check in rdp_write_logon_info_v1
+
+Origin: https://github.com/FreeRDP/FreeRDP/commit/71e463e31b4d69f4022d36bfc814592f56600793
+
+---
+ libfreerdp/core/info.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+--- a/libfreerdp/core/info.c
++++ b/libfreerdp/core/info.c
+@@ -1322,6 +1322,10 @@ static BOOL rdp_write_logon_info_v1(wStr
+ 		return FALSE;
+ 
+ 	/* domain */
++	WINPR_ASSERT(info);
++	if (!info->domain || !info->username)
++		return FALSE;
++
+ 	ilen = ConvertToUnicode(CP_UTF8, 0, info->domain, -1, &wString, 0);
+ 
+ 	if (ilen < 0)
+

freerdp.spec

@@ -1,6 +1,6 @@
 Name:           freerdp
 Version:        2.11.7
-Release:        1
+Release:        2
 Epoch:          2
 Summary:        A Remote Desktop Protocol Implementation
 License:        Apache-2.0
@@ -8,6 +8,7 @@ URL:            http://www.freerdp.com
 
 Source0:        https://github.com/FreeRDP/FreeRDP/releases/download/%{version}/freerdp-%{version}.tar.gz
 Patch0001:	Fix-freerdp-shadow-cli-exit-codes-for-help-and-version.patch
+Patch0002:      CVE-2024-32661.patch
 
 BuildRequires:  gcc gcc-c++ alsa-lib-devel cmake >= 2.8 cups-devel gsm-devel libXrandr-devel libXv-devel
 BuildRequires:  libjpeg-turbo-devel libjpeg-turbo-devel libX11-devel libXcursor-devel libxkbfile-devel
@@ -137,6 +138,9 @@ echo "%{_libdir}/freerdp2" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_
 %{_mandir}/*/*
 
 %changelog
+* Mon May 06 2024 wangkai <13474090681@163.com> - 2:2.11.7-2
+- Fix CVE-2024-32661
+
 * Tue Apr 23 2024 wangkai <13474090681@163.com> - 2:2.11.7-1
 - Update to 2.11.7 for fix CVE-2024-32039,CVE-2024-32040,
   CVE-2024-32041,CVE-2024-32458,CVE-2024-32459,CVE-2024-32460,