|
|
|
|
Changelog for freerdp2-2.11.7-3.9.x86_64.rpm :
* Thu May 09 2024 ecsos - Update to 2.11.7 - Backported oss-fuzz fixes- Update to 2.11.6 * CVE: - CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment - CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write in clear_decompress_residual_data - CVE-2024-32040 [Low] integer underflow in nsc_rle_decode - CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle - CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress - CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress - Backported #10077- Update to 2.11.5 - Fix integer overflow in progressive decoder - Update OpenSSL API usage for compatiblility with newer versions (#9747) - Prevent NULL dereference for single thread decoder (#9712) * Mon Dec 18 2023 ecsos - Update to 2.11.4 - fix a typo in unicode commit (#9652)- Update to 2.11.3 - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469) - Fix issues with drive redirection (#9530,9554, #9586, #9617) - Use endian safe ICU string converter (#9631) - Improve AAC support (#9577) - Fix swiss german keyboard layout (#9560) - Enable rfx-mode:image (#9428) * Thu Nov 16 2023 Christophe Marin - Fix winpr-devel dependencies. WinePRTargets- *.cmake defines CMake targets for winpr-hash and winpr-makecert. They have to be present. * Fri Oct 20 2023 Adriankhl - Update to 2.11.2 * Backported #9356: Fix issues with order updates * Backported #9378: backported wArrayList (optional) copy on insert * Backported #9360: backported certificate algorithm detection * Wed Aug 30 2023 Christophe Marin - Update to 2.11.0 * Various input validation fixes * Added various CMake options #9317 * LibreSSL build fixes #8709 * Big endian support * Mouse grabbing support * wayland scrolling fix * Update h264 to use new FFMPEG API * early bail from update_read_window_state_order breaks protocol * rdpecam/server: Remove wrong assertion * bounds checks for gdi/gfx rectangles * enforce rdpdr client side state checks * deactivate mouse grabbing by default * channels/cliprdr: Fix writing incorrect PDU type for unlock PDUs * Fix CVE-2023-39350 - boo#1214856 incorrect offset calculation leading to DoS * Fix CVE-2023-39351 - boo#1214857 Null Pointer Dereference leading DoS in RemoteFX * Fix CVE-2023-39352 - boo#1214858 Invalid offset validation leading to Out Of Bound Write * Fix CVE-2023-39353 - boo#1214859 Missing offset validation leading to Out Of Bound Read * Fix CVE-2023-39354 - boo#1214860 Out-Of-Bounds Read in nsc_rle_decompress_data * Fix CVE-2023-39356 - boo#1214862 Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect * Fix CVE-2023-40181 - boo#1214863 Integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment * Fix CVE-2023-40186 - boo#1214864 IntegerOverflow leading to Out-Of-Bound Write Vulnerability in gdi_CreateSurface * Fix CVE-2023-40188 - boo#1214866 Out-Of-Bounds Read in general_LumaToYUV444 * Fix CVE-2023-40567 - boo#1214867 Out-Of-Bounds Write in clear_decompress_bands_data * Fix CVE-2023-40569 - boo#1214868 Out-Of-Bounds Write in progressive_decompress * Fix CVE-2023-40589 - boo#1214872 Global-Buffer-Overflow in ncrush_decompress- Drop patch, now upstream: * Update_h264_to_use_new_FFMPEG_API.patch * Wed May 31 2023 Andreas Schwab - Don\'t compile shared objects with -fPIE and use -pie only for executables- Reenable LTO on ARM * Mon Apr 24 2023 Bjørn Lie - Add Update_h264_to_use_new_FFMPEG_API.patch: Update h264 to use new FFMPEG API. * Thu Feb 16 2023 Hans-Peter Jansen - Ugraded to freerdp 2.10.0 * Fix android build scripts, use CMake from SDK * Fix connection negotiation with mstsc/msrdc #8426 * [ntlm]: use rfc5929 binding hash algorithm #8430 * [channels,printer] Fixed reference counting #8433 * Fix uwac pixman #8439 * Fix Rdp security #8457 * [client,x11] Detect key autorepeat #8522 * [build] add channel path to RPATH #8551 * Fix build with BUILTIN_CHANNELS=OFF #8560 * revert changes so that the osmajortype/osminortype is not overwritten #8571 * [uwac] do not use iso C functions #8604 * [winpr,sam] fix inalid NULL arguments #8605 * Fix incompatible function pointer types #8625 * Fixed issues: * Backported #8581: Ignore data PDUs for DVCs that were not opened successfully * Backported #8498: [channel,urbdrc] fix type of usb hotplug callback * Backported #8537: Extended info enforce limits * Backported #8611: [core] add missing redirection fields- Patches removed, that were accepted upstream + freerdp-builtin-channels-off-link-fix.diff + freerdp-fix-rpath-settings.diff * Fri Dec 16 2022 Hans-Peter Jansen - Complement fix for -DBUILTIN_CHANNELS=OFF to fix freerdp-proxy accessing librdpgfx-client.so: freerdp-fix-rpath-settings.diff Fixes second part of bnc#1205595. * Sun Dec 11 2022 Konstantin Voinov - Disable VAAPI feature due bug https://bugzilla.opensuse.org/show_bug.cgi?id=1205595 * Thu Nov 17 2022 Johannes Weberhofer - Ugraded to freerdp 2.9.0 * Backported #gh:FreeRDP/FreeRDP#8252: Support sending server redirection PDU * Backported #gh:FreeRDP/FreeRDP#8406: Ensure X11 client cursor is never smaller 1x1 * Backported #gh:FreeRDP/FreeRDP#8403: Fixed multiple client side input validation issues - boo#1205512, boo#1205563, boo#1205564 (CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347) * Backported #7282: Proxy server now discards input events sent before activation was received * Backported #gh:FreeRDP/FreeRDP#8324: Internal replacements for md4, md5 and hmac-md5 For the time being the RDP protocol requires these outdated hash algorithms. So any distribution that wants to ship a working FreeRDP should check the options WITH_INTERNAL_MD4 (and depending on OpenSSL deprecation status WITH_INTERNAL_MD5)- Fixed issues: * Backported #gh:FreeRDP/FreeRDP#8341: Null checks in winpr_Digest_Free * Backported #gh:FreeRDP/FreeRDP#8335: Missing NULL return in winpr_Digest_New * Backported #gh:FreeRDP/FreeRDP#8192: Support for audin version 2 microphone channel * Backported #gh:FreeRDP/FreeRDP#7282: Discard input events before activation (Fixes #8374) * Mon Nov 07 2022 Johannes Weberhofer - Ugraded to freerdp 2.8.1 * Fixed CVE-2022-39282 - boo#1204258 using the `/parallel` command line switch might read uninitialized data * Fixed CVE-2022-39283 - boo#1204257 using the `/video` command line switch might read uninitialized data * Added missing commit for backported #gh:FreeRDP/FreeRDP#8041: Remove ALAW/ULAW codecs from linux backends (unreliable) * Added hash checks for android build script dependencies- Fixed issues: * #gh:FreeRDP/FreeRDP#8190: Fix build break with newer FFMPEG versions * #gh:FreeRDP/FreeRDP#8234: Updated flatpak with build script * #gh:FreeRDP/FreeRDP#8210: Better execinfo support check for android * #gh:FreeRDP/FreeRDP#7708: Header now defines DumpThreadHandles * #gh:FreeRDP/FreeRDP#8176: Check fullscreen state and not setting * #gh:FreeRDP/FreeRDP#8236: Send resize on window state change * #gh:FreeRDP/FreeRDP#7611: Audin macOS monterey fix * #gh:FreeRDP/FreeRDP#8291: Android build script update * Fix length checks and initialization in the deprecated (disabled per default) tsmf channel * Mon Aug 08 2022 Bjørn Lie - Ugraded to freerdp 2.8.0 * Backported API to get peer accepted channel option flags * Backported API to get peer accepted channel names * Backported Stream_CheckAndLogRequiredLength * Backported #7954: Add server side handling for [MS-RDPET] * Backported #8010: Add server side handling for [MS-RDPECAM] * Backported #8041: Remove ALAW/ULAW codecs from linux backends (unreliable) * Backported #8051: Relieve CLIPRDR filename restriction when connecting to non-MS Windows servers * Backported #8048: TLS version control * Backported #7987: Add a new command line arg to enforce tls1.2- Fixed issues: * Fixed #7837: Prevent out of bound reads for FFMPEG * Backported #7859 and #7861: Unwind support for backtrace generation * Backported #7440: wlfreerdp appid * Backported #7832: RAIL window restore * Backported #7833: Refactored WinPR thread locking * Backported #7893: Mac rdpsnd memory leak fixes * Backported #7895: Mac audin memory leak fixes * Backported #7898: Automatic android versioning * Backported #7916: GFX 10.7 capability support * Backported #7949: Server RDPSND API improvements * Backported #7957: Server DVC API improvements * Backported #7760: Fixed osMinorType values * Backported #8013: Add missing osMajorType values * Backported #8076: Fix wrong usage of subband diffing flag (tile artifact fix) * Tue Apr 26 2022 Johannes Weberhofer - Upgraded to freerdp 2.7.0 * OpenSSL3 gateway support (#gh:FreeRDP/FreeRDP#7822) * various NTLM fixes * WINPR_ASSERT to ease future backports * Fixed CVE-2022-24882 - boo#1198919 NTLM not properly check parameters * Fixed CVE-2022-24883 - boo#1198921 Fix authentication against invalid SAM files- Fixed issues: * #gh:FreeRDP/FreeRDP#6786: Use /network:auto by default * #gh:FreeRDP/FreeRDP#7714: Workaround for broken surface frame marker * #gh:FreeRDP/FreeRDP#7733: Support 10bit X11 color (BGRX32 only) * #gh:FreeRDP/FreeRDP#7745: GFX progressive double free * #gh:FreeRDP/FreeRDP#7808: Disable websockets with /gt:rpc * #gh:FreeRDP/FreeRDP#7815: RAIL expect LOGON_MSG_SESSION_CONTINUE * Tue Mar 08 2022 Johannes Weberhofer - Upgraded to freerdp 2.6.1 * Decreased logging verbosity, now freerdp is much less verbose by default * Backported freerdp_abort_connect during freerdp_connect fix (#gh:FreeRDP/FreeRDP#7700) * Backported improved version dection see docs/version_detection.md for details * Backported various rdpsnd fixes (#gh:FreeRDP/FreeRDP#7695) * Wed Feb 23 2022 Johannes Weberhofer - Upgraded to freerdp 2.6.0 * Backported android FFMPEG build scripts * Updated android build dependencies * Backported AINPUT channel Fixed issues: * Backported #gh:FreeRDP/FreeRDP#7303: Fix PDU length for RDPINPUT_PROTOCOL_V300 * Backported #gh:FreeRDP/FreeRDP#7658: Sanitize optional physical monitor size values * Backported #gh:FreeRDP/FreeRDP#7426: Wayland memory corruption * Backported #gh:FreeRDP/FreeRDP#7293: Remove unused codec x264 * Backported #gh:FreeRDP/FreeRDP#7541: Allow resolutions larger 2048x2048 * Backported #gh:FreeRDP/FreeRDP#7574: FFMPEG 5.0 support * Backported #gh:FreeRDP/FreeRDP#7578: FFMPEG 5.0 support * Backported #gh:FreeRDP/FreeRDP#7580: Fixed device hotplugging * Backported #gh:FreeRDP/FreeRDP#7583: GetUserNameExA: Prefer getpwuid_r over getlogin_r over getlogin * Backported #gh:FreeRDP/FreeRDP#7585: Android Mediacodec support * Mon Jan 24 2022 Predrag Ivanović - Enable FFmpeg support for Leap-15.2+ * Thu Jan 13 2022 Johannes Weberhofer - Upgraded to freerdp 2.5.0 * Fixed smartcard login in case a redirection occurs the pin was lost * Backported windows client drawing fixes * Backported improved macOS keyboard layout detection * Backported TcpConnectTimeout * Backported LibreSSL compatibility patches * Backported signal handler backtrace * Backported OpenSSL 3.0 support * Backport #gh:FreeRDP/FreeRDP#7539: Wayland client clipboard issues * Backport #gh:FreeRDP/FreeRDP#7509: Various fixes regarding registry emulation, addin loader and updated locale detection * Backport #gh:FreeRDP/FreeRDP#7466: Android android_register_pointer missing initialization * Thu Dec 02 2021 Fabian Vogt - Add patch to fix connecting without H.264-enabled FFmpeg (boo#1190823): * 0001-Make-H.264-codec-optional-during-runtime.patch- Use %autosetup * Thu Oct 21 2021 Johannes Weberhofer - Upgraded to freerdp 2.4.1 Important security issues, boo#1191895: * CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory * CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory Noteworthy changes: * Refactored RPC gateway parsing code * OpenSSL 3.0 compatibility fixes * USB redirection: fixed transfer lengths Fixed issues: * #gh:FreeRDP/FreeRDP#7363: Length checks in ConvertUTF8toUTF16 * #gh:FreeRDP/FreeRDP#7349: Added checks for bitmap width and heigth values- Force library update to the latest, renamed versions (followup to boo#1191755) * Wed Oct 20 2021 Johannes Weberhofer - Renamed libraries to follow packaging standards as requested in boo#1191755 * Thu Oct 07 2021 Hans-Peter Jansen - Finally nailed it: CMAKE_INSTALL_LIBDIR is absolute on Leaps and relative on TW, but freerdp requires the relative variant. Fixes boo#1190919 * Wed Oct 06 2021 Hans-Peter Jansen - Remove freerdp-fix-plugin-path.patch again, the problem was introduced/fixed by cmake changes * Sat Sep 18 2021 Hans-Peter Jansen - Create an explicit freerdp dependency for libwinpr * Fri Sep 17 2021 Hans-Peter Jansen - Add preliminary patch freerdp-fix-plugin-path.patch to fix dynamic addin loading * Fri Sep 17 2021 Johannes Weberhofer - Modified spec to satisfy because obs-service-source_validator does not support elif * Wed Sep 15 2021 Hans-Peter Jansen - Fix the spec-cleaner mess- Enable a few options on TW- Build for 15.3 required another lib- Remove X264 option, no related backend exists and enabling it fails in cmake creation stage * Fri Aug 20 2021 Hans-Peter Jansen - Reorganize build flags- Apply fix for -DBUILTIN_CHANNELS=OFF: freerdp-builtin-channels-off-link-fix.diff- Add plugins to libwinpr * Wed Aug 11 2021 Johannes Weberhofer - Updated to release 2.4.0 Noteworthy changes: * Backported multithreaded progressive decoder (#7036) * Backported clipboard fixes (#6924) * Fixed remote file read (#7185) Fixed issues: * #gh:FreeRDP/FreeRDP#6938: RAILS clipboard remote -> local * #gh:FreeRDP/FreeRDP#6985: Support newer FFMPEG builds * #gh:FreeRDP/FreeRDP#6989: Use OpenSSL default certificate store settings * #gh:FreeRDP/FreeRDP#7073: Planar alignment fixes * Mon Mar 15 2021 Johannes Weberhofer - Updated to release 2.3.2 Noteworthy changes: * Fixed autoreconnect printer backend loading * Fixed compilation on older mac os versions < 10.14 * Fixed mouse pointer move with smart-sizing * Added command line option to disable websocket gateway support * Fixed drive hotplugging issues with windows * Fixed smartcard issues on mac Fixed issues: * #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP * #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace * #gh:FreeRDP/FreeRDP#6846: Fixed static builds * #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks * #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac * Mon Mar 01 2021 Johannes Weberhofer - Updated to release 2.3.1 Noteworthy changes: * This is a compatibility bugfix release readding some (deprecated) symbols/defines * Also add some more EXPERIMENTAL warnings to CMake flags as some were not clear enough. * Fixed a memory leak in xfreerdp (mouse pointer updates) * No longer activating some compile time debug options with - DWITH_DEBUG_ALL=ON which might leak sensitive information. * Added -DDEFINE_NO_DEPRECATED for developers to detect use of deprecated symbols * Thu Feb 25 2021 Johannes Weberhofer - Updated to release 2.3.0 Noteworthy changes: * Websocket support for proxy connections * Progressive codec improvements. Reduces graphical glitches against windows and ogon servers * Fixed +glyph-cache, now working properly without disconnects * Huge file support in clipboard * XWayland support for xfreerdp (keyboard grabbing) * Improved wlfreerdp (wayland client) * Option to allow keyboard scancodes to be remapped manually * Improved mouse wheel behaviour when scrolling * Improved dynamic channel behaviour, more stable event detection * New connection state PubSub notification: Clients can now monitor current connection state Fixes: * gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order. gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging. gh#FreeRDP/FreeRDP/6416: Http gateway message support gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next- Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is a windows-function call not a unix one.
|
|
|