Sync factory for CVE fixes. #1

Manually merged
yfjiang merged 24 commits from yfjiang/freerdp2:leap-16.0 into leap-16.0 2026-03-04 18:40:51 +01:00
Contributor
No description provided.
yfjiang added 24 commits 2026-03-04 04:10:36 +01:00
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=1
CMake targets for winpr-hash and winpr-makecert. They have to be
  present.

- Update to 2.11.2
  * Backported #9356: Fix issues with order updates
  * Backported #9378: backported wArrayList (optional) copy on insert
  * Backported #9360: backported certificate algorithm detection

- Update to 2.11.0
  * Various input validation fixes
  * Added various CMake options #9317
  * LibreSSL build fixes #8709
  * Big endian support
  * Mouse grabbing support
  * wayland scrolling fix
  * Update h264 to use new FFMPEG API
  * early bail from update_read_window_state_order breaks protocol
  * rdpecam/server: Remove wrong assertion
  * bounds checks for gdi/gfx rectangles
  * enforce rdpdr client side state checks
  * deactivate mouse grabbing by default
  * channels/cliprdr: Fix writing incorrect PDU type for unlock
    PDUs
  * Fix CVE-2023-39350 - boo#1214856
    incorrect offset calculation leading to DoS
  * Fix CVE-2023-39351 - boo#1214857
    Null Pointer Dereference leading to DoS in RemoteFX
  * Fix CVE-2023-39352 - boo#1214858
    Invalid offset validation leading to Out Of Bound Write

OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=2
- Add freerdp-CVE-2023-40574-to-2023-40576.patch
  * Fix CVE-2023-40574 - bsc#1214869
    Out-Of-Bounds Write in general_YUV444ToRGB_8u_P3AC4R_BGRX
  * Fix CVE-2023-40575 - bsc#1214870
    Out-Of-Bounds Read in general_YUV444ToRGB_8u_P3AC4R_BGRX
  * Fix CVE-2023-40576 - bsc#1214871
    Out-Of-Bounds Read in RleDecompress

OBS-URL: https://build.opensuse.org/request/show/1144492
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=4
- This is 1/2 part for fixing bsc#1218290:

* Add a freerdp2 package with no conflicts with freerdp.

OBS-URL: https://build.opensuse.org/request/show/1159804
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=7
- Fix file conflict of wlog.7 with freerdp3

OBS-URL: https://build.opensuse.org/request/show/1161680
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=8
- Update Source0 URL to make it valid with the actual Source0.

OBS-URL: https://build.opensuse.org/request/show/1164092
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=9
OBS-URL: https://build.opensuse.org/request/show/1164163
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=1
- Add patch to avoid unneeded dependencies when using winpr-devel:
  * 0001-Don-t-add-winpr-cli-tools-to-exported-CMake-targets.patch

OBS-URL: https://build.opensuse.org/request/show/1166513
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=11
OBS-URL: https://build.opensuse.org/request/show/1166893
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=2
- Multiple CVE fixes
  + Add freerdp-CVE-2024-32659.patch (bsc#1223346, CVE-2024-32659)
    - out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`
  + Add freerdp-CVE-2024-32660.patch (bsc#1223347, CVE-2024-32660)
    - client crash via invalid huge allocation size
  + Add freerdp-CVE-2024-32661.patch (bsc#1223348, CVE-2024-32661)
    - client NULL pointer dereference
  + Add freerdp-CVE-2024-32658.patch (bsc#1223353, CVE-2024-32658) 
    - out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients

OBS-URL: https://build.opensuse.org/request/show/1176603
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=13
OBS-URL: https://build.opensuse.org/request/show/1176670
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=3
- Update to 2.11.7
  + Backported oss-fuzz fixes
- Update to 2.11.6
  + CVE:
    * CVE-2024-32041 [Low] OutOfBound Read in
      zgfx_decompress_segment
    * CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write
      in clear_decompress_residual_data
    * CVE-2024-32040 [Low] integer underflow in nsc_rle_decode
    * CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle
    * CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress
    * CVE-2024-32460 [Low] OutOfBound Read in
      interleaved_decompress
  + Noteworthy changes:
    * Backported #10077
- Remove these patches, applied upstream:
  + freerdp-CVE-2023-40574-to-2023-40576.patch
  + freerdp-CVE-2024-32658.patch
  + freerdp-CVE-2024-32659.patch
  + freerdp-CVE-2024-32660.patch

- Add xfreerdp binary/man builds back with new name: xfreerdp2

OBS-URL: https://build.opensuse.org/request/show/1178791
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=15
OBS-URL: https://build.opensuse.org/request/show/1178908
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=4
Add factory fixes

OBS-URL: https://build.opensuse.org/request/show/1205800
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=17
Add factory fixes (forwarded request 1205800 from krop)

OBS-URL: https://build.opensuse.org/request/show/1205803
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=5
- Update 0001-Fix-build-with-ffmpeg-7.patch: fix build issue in
  h264_ffmpeg.c.

OBS-URL: https://build.opensuse.org/request/show/1313360
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=19
OBS-URL: https://build.opensuse.org/request/show/1313361
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=6
+ freerdp-CVE-2026-22852.patch (CVE-2026-22852, bsc#1256718)
  + freerdp-CVE-2026-22854.patch (CVE-2026-22854, bsc#1256720)
  + freerdp-CVE-2026-22856.patch (CVE-2026-22856, bsc#1256722)
  + freerdp-CVE-2026-22859.patch (CVE-2026-22859, bsc#1256725)
  + freerdp-CVE-2026-23530.patch (CVE-2026-23530, bsc#1256940)
  + freerdp-CVE-2026-23531.patch (CVE-2026-23531, bsc#1256941)
  + freerdp-CVE-2026-23532.patch (CVE-2026-23532, bsc#1256942)
  + freerdp-CVE-2026-23534.patch (CVE-2026-23534, bsc#1256944)

  * Fix integer overflow in progressive decoder (bsc#1219049, CVE-2024-22211)

OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=21
OBS-URL: https://build.opensuse.org/request/show/1332395
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=7
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp2?expand=0&rev=23
OBS-URL: https://build.opensuse.org/request/show/1334656
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/freerdp2?expand=0&rev=8
autogits_workflow_pr_bot requested review from legaldb 2026-03-04 04:11:10 +01:00
autogits_workflow_pr_bot requested review from maintenance-release-review 2026-03-04 04:11:11 +01:00
autogits_workflow_pr_bot requested review from opensuse-review 2026-03-04 04:11:11 +01:00

Review by opensuse-review represents a group of reviewers: alarrosa, anag, atartamo, bigironman, darix, dimstar, dmach, eroca, jdsn, jengelh, mcalabkova, mstrigl, nkrapp, oertel, RBrownSUSE, simotek, smithfarm.

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @opensuse-review: approve.
To request changes on behalf of the group, create the following comment: @opensuse-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

First-time contributor

Review by maintenance-release-review represents a group of reviewers: abergmann, amattiazzo, bfilho, cmatos, crazybyte, emanuelecappello, gsonnu, maintenance-robot, mauriziogalli, mbozicevic, mimi_vx, mschnitzer, msmeissn, pluskalm, rfrohl, slemke.

Do not use standard review interface to review on behalf of the group.
To accept the review on behalf of the group, create the following comment: @maintenance-release-review: approve.
To request changes on behalf of the group, create the following comment: @maintenance-release-review: decline followed with lines justifying the decision.
Future edits of the comments are ignored, a new comment is required to change the review state.

Member

Legal reviewed as acceptable_by_lawyer (https://legaldb.suse.de/reviews/details/508145):

Accepted because previously reviewed under the same license (506067)
legaldb approved these changes 2026-03-04 04:21:49 +01:00
First-time contributor
Build successful; for more information, go to https://build.opensuse.org/project/show/openSUSE:Backports:SLE-16.0:PullRequest:492.
First-time contributor

@opensuse-review : approve

LGTM

First-time contributor

merge ok

opensuse-review approved these changes 2026-03-04 12:06:11 +01:00
opensuse-review left a comment
Member

mstrigl approved a review on behalf of opensuse-review

First-time contributor
@maintenance-release-review: approve
maintenance-release-review approved these changes 2026-03-04 18:30:32 +01:00
First-time contributor

rfrohl approved a review on behalf of maintenance-release-review

yfjiang manually merged commit e8120e2036 into leap-16.0 2026-03-04 18:40:51 +01:00