SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libwinpr2-2-2.11.7-3.9.x86_64.rpm :

* Thu May 09 2024 ecsos - Update to 2.11.7 - Backported oss-fuzz fixes- Update to 2.11.6
* CVE: - CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment - CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write in clear_decompress_residual_data - CVE-2024-32040 [Low] integer underflow in nsc_rle_decode - CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle - CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress - CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress - Backported #10077- Update to 2.11.5 - Fix integer overflow in progressive decoder - Update OpenSSL API usage for compatiblility with newer versions (#9747) - Prevent NULL dereference for single thread decoder (#9712)
* Mon Dec 18 2023 ecsos - Update to 2.11.4 - fix a typo in unicode commit (#9652)- Update to 2.11.3 - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469) - Fix issues with drive redirection (#9530,9554, #9586, #9617) - Use endian safe ICU string converter (#9631) - Improve AAC support (#9577) - Fix swiss german keyboard layout (#9560) - Enable rfx-mode:image (#9428)
* Thu Nov 16 2023 Christophe Marin - Fix winpr-devel dependencies. WinePRTargets-
*.cmake defines CMake targets for winpr-hash and winpr-makecert. They have to be present.
* Fri Oct 20 2023 Adriankhl - Update to 2.11.2
* Backported #9356: Fix issues with order updates
* Backported #9378: backported wArrayList (optional) copy on insert
* Backported #9360: backported certificate algorithm detection
* Wed Aug 30 2023 Christophe Marin - Update to 2.11.0
* Various input validation fixes
* Added various CMake options #9317
* LibreSSL build fixes #8709
* Big endian support
* Mouse grabbing support
* wayland scrolling fix
* Update h264 to use new FFMPEG API
* early bail from update_read_window_state_order breaks protocol
* rdpecam/server: Remove wrong assertion
* bounds checks for gdi/gfx rectangles
* enforce rdpdr client side state checks
* deactivate mouse grabbing by default
* channels/cliprdr: Fix writing incorrect PDU type for unlock PDUs
* Fix CVE-2023-39350 - boo#1214856 incorrect offset calculation leading to DoS
* Fix CVE-2023-39351 - boo#1214857 Null Pointer Dereference leading DoS in RemoteFX
* Fix CVE-2023-39352 - boo#1214858 Invalid offset validation leading to Out Of Bound Write
* Fix CVE-2023-39353 - boo#1214859 Missing offset validation leading to Out Of Bound Read
* Fix CVE-2023-39354 - boo#1214860 Out-Of-Bounds Read in nsc_rle_decompress_data
* Fix CVE-2023-39356 - boo#1214862 Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect
* Fix CVE-2023-40181 - boo#1214863 Integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment
* Fix CVE-2023-40186 - boo#1214864 IntegerOverflow leading to Out-Of-Bound Write Vulnerability in gdi_CreateSurface
* Fix CVE-2023-40188 - boo#1214866 Out-Of-Bounds Read in general_LumaToYUV444
* Fix CVE-2023-40567 - boo#1214867 Out-Of-Bounds Write in clear_decompress_bands_data
* Fix CVE-2023-40569 - boo#1214868 Out-Of-Bounds Write in progressive_decompress
* Fix CVE-2023-40589 - boo#1214872 Global-Buffer-Overflow in ncrush_decompress- Drop patch, now upstream:
* Update_h264_to_use_new_FFMPEG_API.patch
* Wed May 31 2023 Andreas Schwab - Don\'t compile shared objects with -fPIE and use -pie only for executables- Reenable LTO on ARM
* Mon Apr 24 2023 Bjørn Lie - Add Update_h264_to_use_new_FFMPEG_API.patch: Update h264 to use new FFMPEG API.
* Thu Feb 16 2023 Hans-Peter Jansen - Ugraded to freerdp 2.10.0
* Fix android build scripts, use CMake from SDK
* Fix connection negotiation with mstsc/msrdc #8426
* [ntlm]: use rfc5929 binding hash algorithm #8430
* [channels,printer] Fixed reference counting #8433
* Fix uwac pixman #8439
* Fix Rdp security #8457
* [client,x11] Detect key autorepeat #8522
* [build] add channel path to RPATH #8551
* Fix build with BUILTIN_CHANNELS=OFF #8560
* revert changes so that the osmajortype/osminortype is not overwritten #8571
* [uwac] do not use iso C functions #8604
* [winpr,sam] fix inalid NULL arguments #8605
* Fix incompatible function pointer types #8625
* Fixed issues:
* Backported #8581: Ignore data PDUs for DVCs that were not opened successfully
* Backported #8498: [channel,urbdrc] fix type of usb hotplug callback
* Backported #8537: Extended info enforce limits
* Backported #8611: [core] add missing redirection fields- Patches removed, that were accepted upstream + freerdp-builtin-channels-off-link-fix.diff + freerdp-fix-rpath-settings.diff
* Fri Dec 16 2022 Hans-Peter Jansen - Complement fix for -DBUILTIN_CHANNELS=OFF to fix freerdp-proxy accessing librdpgfx-client.so: freerdp-fix-rpath-settings.diff Fixes second part of bnc#1205595.
* Sun Dec 11 2022 Konstantin Voinov - Disable VAAPI feature due bug https://bugzilla.opensuse.org/show_bug.cgi?id=1205595
* Thu Nov 17 2022 Johannes Weberhofer - Ugraded to freerdp 2.9.0
* Backported #gh:FreeRDP/FreeRDP#8252: Support sending server redirection PDU
* Backported #gh:FreeRDP/FreeRDP#8406: Ensure X11 client cursor is never smaller 1x1
* Backported #gh:FreeRDP/FreeRDP#8403: Fixed multiple client side input validation issues - boo#1205512, boo#1205563, boo#1205564 (CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319, CVE-2022-39320, CVE-2022-41877, CVE-2022-39347)
* Backported #7282: Proxy server now discards input events sent before activation was received
* Backported #gh:FreeRDP/FreeRDP#8324: Internal replacements for md4, md5 and hmac-md5 For the time being the RDP protocol requires these outdated hash algorithms. So any distribution that wants to ship a working FreeRDP should check the options WITH_INTERNAL_MD4 (and depending on OpenSSL deprecation status WITH_INTERNAL_MD5)- Fixed issues:
* Backported #gh:FreeRDP/FreeRDP#8341: Null checks in winpr_Digest_Free
* Backported #gh:FreeRDP/FreeRDP#8335: Missing NULL return in winpr_Digest_New
* Backported #gh:FreeRDP/FreeRDP#8192: Support for audin version 2 microphone channel
* Backported #gh:FreeRDP/FreeRDP#7282: Discard input events before activation (Fixes #8374)
* Mon Nov 07 2022 Johannes Weberhofer - Ugraded to freerdp 2.8.1
* Fixed CVE-2022-39282 - boo#1204258 using the `/parallel` command line switch might read uninitialized data
* Fixed CVE-2022-39283 - boo#1204257 using the `/video` command line switch might read uninitialized data
* Added missing commit for backported #gh:FreeRDP/FreeRDP#8041: Remove ALAW/ULAW codecs from linux backends (unreliable)
* Added hash checks for android build script dependencies- Fixed issues:
* #gh:FreeRDP/FreeRDP#8190: Fix build break with newer FFMPEG versions
* #gh:FreeRDP/FreeRDP#8234: Updated flatpak with build script
* #gh:FreeRDP/FreeRDP#8210: Better execinfo support check for android
* #gh:FreeRDP/FreeRDP#7708: Header now defines DumpThreadHandles
* #gh:FreeRDP/FreeRDP#8176: Check fullscreen state and not setting
* #gh:FreeRDP/FreeRDP#8236: Send resize on window state change
* #gh:FreeRDP/FreeRDP#7611: Audin macOS monterey fix
* #gh:FreeRDP/FreeRDP#8291: Android build script update
* Fix length checks and initialization in the deprecated (disabled per default) tsmf channel
* Mon Aug 08 2022 Bjørn Lie - Ugraded to freerdp 2.8.0
* Backported API to get peer accepted channel option flags
* Backported API to get peer accepted channel names
* Backported Stream_CheckAndLogRequiredLength
* Backported #7954: Add server side handling for [MS-RDPET]
* Backported #8010: Add server side handling for [MS-RDPECAM]
* Backported #8041: Remove ALAW/ULAW codecs from linux backends (unreliable)
* Backported #8051: Relieve CLIPRDR filename restriction when connecting to non-MS Windows servers
* Backported #8048: TLS version control
* Backported #7987: Add a new command line arg to enforce tls1.2- Fixed issues:
* Fixed #7837: Prevent out of bound reads for FFMPEG
* Backported #7859 and #7861: Unwind support for backtrace generation
* Backported #7440: wlfreerdp appid
* Backported #7832: RAIL window restore
* Backported #7833: Refactored WinPR thread locking
* Backported #7893: Mac rdpsnd memory leak fixes
* Backported #7895: Mac audin memory leak fixes
* Backported #7898: Automatic android versioning
* Backported #7916: GFX 10.7 capability support
* Backported #7949: Server RDPSND API improvements
* Backported #7957: Server DVC API improvements
* Backported #7760: Fixed osMinorType values
* Backported #8013: Add missing osMajorType values
* Backported #8076: Fix wrong usage of subband diffing flag (tile artifact fix)
* Tue Apr 26 2022 Johannes Weberhofer - Upgraded to freerdp 2.7.0
* OpenSSL3 gateway support (#gh:FreeRDP/FreeRDP#7822)
* various NTLM fixes
* WINPR_ASSERT to ease future backports
* Fixed CVE-2022-24882 - boo#1198919 NTLM not properly check parameters
* Fixed CVE-2022-24883 - boo#1198921 Fix authentication against invalid SAM files- Fixed issues:
* #gh:FreeRDP/FreeRDP#6786: Use /network:auto by default
* #gh:FreeRDP/FreeRDP#7714: Workaround for broken surface frame marker
* #gh:FreeRDP/FreeRDP#7733: Support 10bit X11 color (BGRX32 only)
* #gh:FreeRDP/FreeRDP#7745: GFX progressive double free
* #gh:FreeRDP/FreeRDP#7808: Disable websockets with /gt:rpc
* #gh:FreeRDP/FreeRDP#7815: RAIL expect LOGON_MSG_SESSION_CONTINUE
* Tue Mar 08 2022 Johannes Weberhofer - Upgraded to freerdp 2.6.1
* Decreased logging verbosity, now freerdp is much less verbose by default
* Backported freerdp_abort_connect during freerdp_connect fix (#gh:FreeRDP/FreeRDP#7700)
* Backported improved version dection see docs/version_detection.md for details
* Backported various rdpsnd fixes (#gh:FreeRDP/FreeRDP#7695)
* Wed Feb 23 2022 Johannes Weberhofer - Upgraded to freerdp 2.6.0
* Backported android FFMPEG build scripts
* Updated android build dependencies
* Backported AINPUT channel Fixed issues:
* Backported #gh:FreeRDP/FreeRDP#7303: Fix PDU length for RDPINPUT_PROTOCOL_V300
* Backported #gh:FreeRDP/FreeRDP#7658: Sanitize optional physical monitor size values
* Backported #gh:FreeRDP/FreeRDP#7426: Wayland memory corruption
* Backported #gh:FreeRDP/FreeRDP#7293: Remove unused codec x264
* Backported #gh:FreeRDP/FreeRDP#7541: Allow resolutions larger 2048x2048
* Backported #gh:FreeRDP/FreeRDP#7574: FFMPEG 5.0 support
* Backported #gh:FreeRDP/FreeRDP#7578: FFMPEG 5.0 support
* Backported #gh:FreeRDP/FreeRDP#7580: Fixed device hotplugging
* Backported #gh:FreeRDP/FreeRDP#7583: GetUserNameExA: Prefer getpwuid_r over getlogin_r over getlogin
* Backported #gh:FreeRDP/FreeRDP#7585: Android Mediacodec support
* Mon Jan 24 2022 Predrag Ivanović - Enable FFmpeg support for Leap-15.2+
* Thu Jan 13 2022 Johannes Weberhofer - Upgraded to freerdp 2.5.0
* Fixed smartcard login in case a redirection occurs the pin was lost
* Backported windows client drawing fixes
* Backported improved macOS keyboard layout detection
* Backported TcpConnectTimeout
* Backported LibreSSL compatibility patches
* Backported signal handler backtrace
* Backported OpenSSL 3.0 support
* Backport #gh:FreeRDP/FreeRDP#7539: Wayland client clipboard issues
* Backport #gh:FreeRDP/FreeRDP#7509: Various fixes regarding registry emulation, addin loader and updated locale detection
* Backport #gh:FreeRDP/FreeRDP#7466: Android android_register_pointer missing initialization
* Thu Dec 02 2021 Fabian Vogt - Add patch to fix connecting without H.264-enabled FFmpeg (boo#1190823):
* 0001-Make-H.264-codec-optional-during-runtime.patch- Use %autosetup
* Thu Oct 21 2021 Johannes Weberhofer - Upgraded to freerdp 2.4.1 Important security issues, boo#1191895:
* CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory
* CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory Noteworthy changes:
* Refactored RPC gateway parsing code
* OpenSSL 3.0 compatibility fixes
* USB redirection: fixed transfer lengths Fixed issues:
* #gh:FreeRDP/FreeRDP#7363: Length checks in ConvertUTF8toUTF16
* #gh:FreeRDP/FreeRDP#7349: Added checks for bitmap width and heigth values- Force library update to the latest, renamed versions (followup to boo#1191755)
* Wed Oct 20 2021 Johannes Weberhofer - Renamed libraries to follow packaging standards as requested in boo#1191755
* Thu Oct 07 2021 Hans-Peter Jansen - Finally nailed it: CMAKE_INSTALL_LIBDIR is absolute on Leaps and relative on TW, but freerdp requires the relative variant. Fixes boo#1190919
* Wed Oct 06 2021 Hans-Peter Jansen - Remove freerdp-fix-plugin-path.patch again, the problem was introduced/fixed by cmake changes
* Sat Sep 18 2021 Hans-Peter Jansen - Create an explicit freerdp dependency for libwinpr
* Fri Sep 17 2021 Hans-Peter Jansen - Add preliminary patch freerdp-fix-plugin-path.patch to fix dynamic addin loading
* Fri Sep 17 2021 Johannes Weberhofer - Modified spec to satisfy because obs-service-source_validator does not support elif
* Wed Sep 15 2021 Hans-Peter Jansen - Fix the spec-cleaner mess- Enable a few options on TW- Build for 15.3 required another lib- Remove X264 option, no related backend exists and enabling it fails in cmake creation stage
* Fri Aug 20 2021 Hans-Peter Jansen - Reorganize build flags- Apply fix for -DBUILTIN_CHANNELS=OFF: freerdp-builtin-channels-off-link-fix.diff- Add plugins to libwinpr
* Wed Aug 11 2021 Johannes Weberhofer - Updated to release 2.4.0 Noteworthy changes:
* Backported multithreaded progressive decoder (#7036)
* Backported clipboard fixes (#6924)
* Fixed remote file read (#7185) Fixed issues:
* #gh:FreeRDP/FreeRDP#6938: RAILS clipboard remote -> local
* #gh:FreeRDP/FreeRDP#6985: Support newer FFMPEG builds
* #gh:FreeRDP/FreeRDP#6989: Use OpenSSL default certificate store settings
* #gh:FreeRDP/FreeRDP#7073: Planar alignment fixes
* Mon Mar 15 2021 Johannes Weberhofer - Updated to release 2.3.2 Noteworthy changes:
* Fixed autoreconnect printer backend loading
* Fixed compilation on older mac os versions < 10.14
* Fixed mouse pointer move with smart-sizing
* Added command line option to disable websocket gateway support
* Fixed drive hotplugging issues with windows
* Fixed smartcard issues on mac Fixed issues:
* #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP
* #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace
* #gh:FreeRDP/FreeRDP#6846: Fixed static builds
* #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks
* #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac
* Mon Mar 01 2021 Johannes Weberhofer - Updated to release 2.3.1 Noteworthy changes:
* This is a compatibility bugfix release readding some (deprecated) symbols/defines
* Also add some more EXPERIMENTAL warnings to CMake flags as some were not clear enough.
* Fixed a memory leak in xfreerdp (mouse pointer updates)
* No longer activating some compile time debug options with - DWITH_DEBUG_ALL=ON which might leak sensitive information.
* Added -DDEFINE_NO_DEPRECATED for developers to detect use of deprecated symbols
* Thu Feb 25 2021 Johannes Weberhofer - Updated to release 2.3.0 Noteworthy changes:
* Websocket support for proxy connections
* Progressive codec improvements. Reduces graphical glitches against windows and ogon servers
* Fixed +glyph-cache, now working properly without disconnects
* Huge file support in clipboard
* XWayland support for xfreerdp (keyboard grabbing)
* Improved wlfreerdp (wayland client)
* Option to allow keyboard scancodes to be remapped manually
* Improved mouse wheel behaviour when scrolling
* Improved dynamic channel behaviour, more stable event detection
* New connection state PubSub notification: Clients can now monitor current connection state Fixes:
* gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order. gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging. gh#FreeRDP/FreeRDP/6416: Http gateway message support gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next- Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is a windows-function call not a unix one.
  
ICM