- Ugraded to freerdp 2.9.0
* Backported #gh:FreeRDP/FreeRDP#8252: Support sending server redirection PDU
* Backported #gh:FreeRDP/FreeRDP#8406: Ensure X11 client cursor is never
smaller 1x1
* Backported #gh:FreeRDP/FreeRDP#8403: Fixed multiple client side input
validation issues - boo#1205512
(CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319,
CVE-2022-39320, CVE-2022-41877, CVE-2022-39347)
* Backported #7282: Proxy server now discards input events sent before
activation was received
* Backported #gh:FreeRDP/FreeRDP#8324: Internal replacements for md4,
md5 and hmac-md5
For the time being the RDP protocol requires these outdated hash
algorithms. So any distribution that wants to ship a working
FreeRDP should check the options WITH_INTERNAL_MD4 (and depending
on OpenSSL deprecation status WITH_INTERNAL_MD5)
- Fixed issues:
* Backported #gh:FreeRDP/FreeRDP#8341: Null checks in winpr_Digest_Free
* Backported #gh:FreeRDP/FreeRDP#8335: Missing NULL return
in winpr_Digest_New
* Backported #gh:FreeRDP/FreeRDP#8192: Support for audin
version 2 microphone channel
* Backported #gh:FreeRDP/FreeRDP#7282: Discard input events before
activation (Fixes#8374)
OBS-URL: https://build.opensuse.org/request/show/1036417
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=137
- Upgraded to freerdp 2.4.1
Important security issues, boo#1191895:
* CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory
* CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory
Noteworthy changes:
* Refactored RPC gateway parsing code
* OpenSSL 3.0 compatibility fixes
* USB redirection: fixed transfer lengths
Fixed issues:
* #gh:FreeRDP/FreeRDP#7363: Length checks in ConvertUTF8toUTF16
* #gh:FreeRDP/FreeRDP#7349: Added checks for bitmap width and heigth values
- Force library update to the latest, renamed versions (followup to
boo#1191755)
OBS-URL: https://build.opensuse.org/request/show/926753
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=124
Hi Johannes,
hopefully I addressed all your concerns correctly, but cheated a bit with
the changelog timestamps. I wanted to avoid creating yet another entry,
hence combined the latest change with the former ones. Hope, this is still
fine for you.
Best,
Pete
- Fix the spec-cleaner mess
- Enable a few options on TW
- Build for 15.3 required another lib
- Remove X264 option, no related backend exists and enabling it fails
in cmake creation stage
- Reorganize build flags
- Apply fix for -DBUILTIN_CHANNELS=OFF: freerdp-builtin-channels-off-link-fix.diff
- Add plugins to libwinpr
OBS-URL: https://build.opensuse.org/request/show/919271
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=117
- Updated to release 2.3.2
Noteworthy changes:
* Fixed autoreconnect printer backend loading
* Fixed compilation on older mac os versions < 10.14
* Fixed mouse pointer move with smart-sizing
* Added command line option to disable websocket gateway support
* Fixed drive hotplugging issues with windows
* Fixed smartcard issues on mac
Fixed issues:
* #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP
* #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace
* #gh:FreeRDP/FreeRDP#6846: Fixed static builds
* #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks
* #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac
- Updated to release 2.3.1
Noteworthy changes:
* This is a compatibility bugfix release readding some (deprecated)
symbols/defines
* Also add some more EXPERIMENTAL warnings to CMake flags as some were not
clear enough.
* Fixed a memory leak in xfreerdp (mouse pointer updates)
* No longer activating some compile time debug options with
-DWITH_DEBUG_ALL=ON which might leak sensitive information.
* Added -DDEFINE_NO_DEPRECATED for developers to detect use of
deprecated symbols
OBS-URL: https://build.opensuse.org/request/show/879582
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=114
- Updated to release 2.3.0
Noteworthy changes:
* Websocket support for proxy connections
* Progressive codec improvements. Reduces graphical glitches against windows
and ogon servers
* Fixed +glyph-cache, now working properly without disconnects
* Huge file support in clipboard
* XWayland support for xfreerdp (keyboard grabbing)
* Improved wlfreerdp (wayland client)
* Option to allow keyboard scancodes to be remapped manually
* Improved mouse wheel behaviour when scrolling
* Improved dynamic channel behaviour, more stable event detection
* New connection state PubSub notification: Clients can now monitor current
connection state
Fixes:
* gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order.
gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab
gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag
gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging.
gh#FreeRDP/FreeRDP/6416: Http gateway message support
gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next
- Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is
a windows-function call not a unix one.
OBS-URL: https://build.opensuse.org/request/show/875068
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=112
- Updated to release 2.2.0 (boo#1174321)
* SECURITY: CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
* Sound & mic - filter GSM codec for microphone redirection (gh#FreeRDP/FreeRDP#6263)
* windows client title length (gh#FreeRDP/FreeRDP#6335)
* "Alternate Secondary Drawing Order UNKNOWN" (gh#FreeRDP/FreeRDP#6370)
* remoteapp with dialog is disconnecting when it loses focus (gh#FreeRDP/FreeRDP#6298)
* v2.1.2: Can't connect to Windows7 (gh#FreeRDP/FreeRDP#6299)
* fix: memory leak in nsc
* urbdrc: some fixes and improvements
* build: use cmake to detect getlogin_r, improve asan checks/detection
* server/proxy:
- new: support for heartbeats
- new: support for rail handshake ex flags
- fix: possible race condition with redirects
- Removed freerdp_Mask_CACHED_BRUSH_when_checking_brush_style.patch
- Drop BuildRequires of libavcodec for Leap/SLE (bsc#1174200)
OBS-URL: https://build.opensuse.org/request/show/821927
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=110
- Updated to release 2.1.1
* CVE-2020-NYA: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
* CVE-2020-NYA: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
* CVE-2020-NYA: GHSL-2020-102 OOB Write in crypto_rsa_common
* Enforce synchronous legacy RDP encryption count (#6156)
* Fixed some leaks and crashes missed in 2.1.0
* Removed dynamic channel listener limits
* Lots of resource cleanup fixes (clang sanitizers)
* A couple of performance improvements
* Various small annoyances eliminated (typos, prefilled username for windows client, ...)
- Removed freerdp-bug-6175.patch and freerdp-bug-6207.patch because included in upstream
OBS-URL: https://build.opensuse.org/request/show/808120
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=101
- Updated to release 2.1.0
* Fixed CVEs:
- CVE-2020-11039
- CVE-2020-11038
- CVE-2020-11043
- CVE-2020-11040
- CVE-2020-11041
- CVE-2020-11019
- CVE-2020-11017
- CVE-2020-11018
* Fixed leak and crashing issues:
- gh#FreeRDP/FreeRDP#6129
- gh#FreeRDP/FreeRDP#6128
- gh#FreeRDP/FreeRDP#6127
- gh#FreeRDP/FreeRDP#6110
- gh#FreeRDP/FreeRDP#6081
- gh#FreeRDP/FreeRDP#6077
* Noteworthy features and improvements:
- Fixed sound issues (gh#FreeRDP/FreeRDP#6043)
- New expert command line options /tune and /tune-list to modify all client
settings in a generic way.
- Fixes for smartcard cache, this improves compatibility of smartcard devices
with newer smartcard channel.
- Shadow server can now be instructed to listen to multiple interfaces.
- Improved server certificate support (gh#FreeRDP/FreeRDP#6052)
- Various fixes for wayland client (fullscreen, mouse wheel, ...)
- Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
- USB redirection command line improvements (filter options)
- Various translation improvements for android and ios clients
- Removed upstream patches fix-freerdp-2.0.0-usbdk-build.patch
and fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch
OBS-URL: https://build.opensuse.org/request/show/801822
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=98
- Added cairo support for scaling
- Cleaned up spec
- Removed patch freerdp-Fix-realloc-return-handling.patch
- Added pkgconfig(libusb-1.0) for building
- Added new package for freerdp-proxy
- Cleaned up spec file
- Updated to release 2.0.0
* Fixed CVEs:
- CVE-2020-11521
- CVE-2020-11522
- CVE-2020-11523
- CVE-2020-11524
- CVE-2020-11525
- CVE-2020-11526
* Fixed security related issues:
- gh#FreeRDP/FreeRDP#6005
- gh#FreeRDP/FreeRDP#6006
- gh#FreeRDP/FreeRDP#6007
- gh#FreeRDP/FreeRDP#6008
- gh#FreeRDP/FreeRDP#6009
- gh#FreeRDP/FreeRDP#6010
- gh#FreeRDP/FreeRDP#6011
- gh#FreeRDP/FreeRDP#6012
- gh#FreeRDP/FreeRDP#6013
* sha256 is now used instead of sha1 to fingerprint certificates. This will
invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
new connection is established after the update
* First version of the RDP proxy was added (gh#FreeRDP/FreeRDP#5372)
thanks to @kubistika
* Smartcard received some refactoring. Missing functions were added and input
validation was improved (gh#FreeRDP/FreeRDP#5884)
* A new option /cert that unifies all certificate related options (gh#FreeRDP/FreeRDP#5880)
The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
available but marked as deprecated
* Support for Remote Assistance Protocol Version 2 [MS-RA]
* The DirectFB client was removed because it was unmaintained
* Unified initialization of OrderSupport
* Fix for licensing against Windows Server 2003
* Font smoothing is now enabled per default
* Smart scaling for Wayland using libcairo was added (gh#FreeRDP/FreeRDP#5215)
* Unified update->BeginPaint and update->EndPaint
* An image scaling API for software drawing was added
* Rail was updated to the latest spec version 28.0
* Support for H.264 in the shadow server is now detected at runtime
* Add mask=<value> option for /gfx and /gfx-h264 (gh#FreeRDP/FreeRDP#5771)
* A new option /timeout was added to adjust the TCP ACK timeout (gh#FreeRDP/FreeRDP#5987)
OBS-URL: https://build.opensuse.org/request/show/793853
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=93
