- Upgraded to freerdp 2.4.1
Important security issues, boo#1191895:
* CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory
* CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory
Noteworthy changes:
* Refactored RPC gateway parsing code
* OpenSSL 3.0 compatibility fixes
* USB redirection: fixed transfer lengths
Fixed issues:
* #gh:FreeRDP/FreeRDP#7363: Length checks in ConvertUTF8toUTF16
* #gh:FreeRDP/FreeRDP#7349: Added checks for bitmap width and heigth values
- Force library update to the latest, renamed versions (followup to
boo#1191755)
OBS-URL: https://build.opensuse.org/request/show/926753
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=124
Hi Johannes,
hopefully I addressed all your concerns correctly, but cheated a bit with
the changelog timestamps. I wanted to avoid creating yet another entry,
hence combined the latest change with the former ones. Hope, this is still
fine for you.
Best,
Pete
- Fix the spec-cleaner mess
- Enable a few options on TW
- Build for 15.3 required another lib
- Remove X264 option, no related backend exists and enabling it fails
in cmake creation stage
- Reorganize build flags
- Apply fix for -DBUILTIN_CHANNELS=OFF: freerdp-builtin-channels-off-link-fix.diff
- Add plugins to libwinpr
OBS-URL: https://build.opensuse.org/request/show/919271
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=117
- Updated to release 2.3.2
Noteworthy changes:
* Fixed autoreconnect printer backend loading
* Fixed compilation on older mac os versions < 10.14
* Fixed mouse pointer move with smart-sizing
* Added command line option to disable websocket gateway support
* Fixed drive hotplugging issues with windows
* Fixed smartcard issues on mac
Fixed issues:
* #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP
* #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace
* #gh:FreeRDP/FreeRDP#6846: Fixed static builds
* #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks
* #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac
- Updated to release 2.3.1
Noteworthy changes:
* This is a compatibility bugfix release readding some (deprecated)
symbols/defines
* Also add some more EXPERIMENTAL warnings to CMake flags as some were not
clear enough.
* Fixed a memory leak in xfreerdp (mouse pointer updates)
* No longer activating some compile time debug options with
-DWITH_DEBUG_ALL=ON which might leak sensitive information.
* Added -DDEFINE_NO_DEPRECATED for developers to detect use of
deprecated symbols
OBS-URL: https://build.opensuse.org/request/show/879582
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=114
- Updated to release 2.3.0
Noteworthy changes:
* Websocket support for proxy connections
* Progressive codec improvements. Reduces graphical glitches against windows
and ogon servers
* Fixed +glyph-cache, now working properly without disconnects
* Huge file support in clipboard
* XWayland support for xfreerdp (keyboard grabbing)
* Improved wlfreerdp (wayland client)
* Option to allow keyboard scancodes to be remapped manually
* Improved mouse wheel behaviour when scrolling
* Improved dynamic channel behaviour, more stable event detection
* New connection state PubSub notification: Clients can now monitor current
connection state
Fixes:
* gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order.
gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab
gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag
gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging.
gh#FreeRDP/FreeRDP/6416: Http gateway message support
gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next
- Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is
a windows-function call not a unix one.
OBS-URL: https://build.opensuse.org/request/show/875068
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=112
- Updated to release 2.2.0 (boo#1174321)
* SECURITY: CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
* Sound & mic - filter GSM codec for microphone redirection (gh#FreeRDP/FreeRDP#6263)
* windows client title length (gh#FreeRDP/FreeRDP#6335)
* "Alternate Secondary Drawing Order UNKNOWN" (gh#FreeRDP/FreeRDP#6370)
* remoteapp with dialog is disconnecting when it loses focus (gh#FreeRDP/FreeRDP#6298)
* v2.1.2: Can't connect to Windows7 (gh#FreeRDP/FreeRDP#6299)
* fix: memory leak in nsc
* urbdrc: some fixes and improvements
* build: use cmake to detect getlogin_r, improve asan checks/detection
* server/proxy:
- new: support for heartbeats
- new: support for rail handshake ex flags
- fix: possible race condition with redirects
- Removed freerdp_Mask_CACHED_BRUSH_when_checking_brush_style.patch
- Drop BuildRequires of libavcodec for Leap/SLE (bsc#1174200)
OBS-URL: https://build.opensuse.org/request/show/821927
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=110
- Updated to release 2.1.1
* CVE-2020-NYA: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
* CVE-2020-NYA: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
* CVE-2020-NYA: GHSL-2020-102 OOB Write in crypto_rsa_common
* Enforce synchronous legacy RDP encryption count (#6156)
* Fixed some leaks and crashes missed in 2.1.0
* Removed dynamic channel listener limits
* Lots of resource cleanup fixes (clang sanitizers)
* A couple of performance improvements
* Various small annoyances eliminated (typos, prefilled username for windows client, ...)
- Removed freerdp-bug-6175.patch and freerdp-bug-6207.patch because included in upstream
OBS-URL: https://build.opensuse.org/request/show/808120
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=101
- Updated to release 2.1.0
* Fixed CVEs:
- CVE-2020-11039
- CVE-2020-11038
- CVE-2020-11043
- CVE-2020-11040
- CVE-2020-11041
- CVE-2020-11019
- CVE-2020-11017
- CVE-2020-11018
* Fixed leak and crashing issues:
- gh#FreeRDP/FreeRDP#6129
- gh#FreeRDP/FreeRDP#6128
- gh#FreeRDP/FreeRDP#6127
- gh#FreeRDP/FreeRDP#6110
- gh#FreeRDP/FreeRDP#6081
- gh#FreeRDP/FreeRDP#6077
* Noteworthy features and improvements:
- Fixed sound issues (gh#FreeRDP/FreeRDP#6043)
- New expert command line options /tune and /tune-list to modify all client
settings in a generic way.
- Fixes for smartcard cache, this improves compatibility of smartcard devices
with newer smartcard channel.
- Shadow server can now be instructed to listen to multiple interfaces.
- Improved server certificate support (gh#FreeRDP/FreeRDP#6052)
- Various fixes for wayland client (fullscreen, mouse wheel, ...)
- Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
- USB redirection command line improvements (filter options)
- Various translation improvements for android and ios clients
- Removed upstream patches fix-freerdp-2.0.0-usbdk-build.patch
and fix-URBDRC_DEVICE_ADD_FLAG-definitions.patch
OBS-URL: https://build.opensuse.org/request/show/801822
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=98
- Added cairo support for scaling
- Cleaned up spec
- Removed patch freerdp-Fix-realloc-return-handling.patch
- Added pkgconfig(libusb-1.0) for building
- Added new package for freerdp-proxy
- Cleaned up spec file
- Updated to release 2.0.0
* Fixed CVEs:
- CVE-2020-11521
- CVE-2020-11522
- CVE-2020-11523
- CVE-2020-11524
- CVE-2020-11525
- CVE-2020-11526
* Fixed security related issues:
- gh#FreeRDP/FreeRDP#6005
- gh#FreeRDP/FreeRDP#6006
- gh#FreeRDP/FreeRDP#6007
- gh#FreeRDP/FreeRDP#6008
- gh#FreeRDP/FreeRDP#6009
- gh#FreeRDP/FreeRDP#6010
- gh#FreeRDP/FreeRDP#6011
- gh#FreeRDP/FreeRDP#6012
- gh#FreeRDP/FreeRDP#6013
* sha256 is now used instead of sha1 to fingerprint certificates. This will
invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
new connection is established after the update
* First version of the RDP proxy was added (gh#FreeRDP/FreeRDP#5372)
thanks to @kubistika
* Smartcard received some refactoring. Missing functions were added and input
validation was improved (gh#FreeRDP/FreeRDP#5884)
* A new option /cert that unifies all certificate related options (gh#FreeRDP/FreeRDP#5880)
The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
available but marked as deprecated
* Support for Remote Assistance Protocol Version 2 [MS-RA]
* The DirectFB client was removed because it was unmaintained
* Unified initialization of OrderSupport
* Fix for licensing against Windows Server 2003
* Font smoothing is now enabled per default
* Smart scaling for Wayland using libcairo was added (gh#FreeRDP/FreeRDP#5215)
* Unified update->BeginPaint and update->EndPaint
* An image scaling API for software drawing was added
* Rail was updated to the latest spec version 28.0
* Support for H.264 in the shadow server is now detected at runtime
* Add mask=<value> option for /gfx and /gfx-h264 (gh#FreeRDP/FreeRDP#5771)
* A new option /timeout was added to adjust the TCP ACK timeout (gh#FreeRDP/FreeRDP#5987)
OBS-URL: https://build.opensuse.org/request/show/793853
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=93
- upgrade to version 2.0.0-rc3
See: https://github.com/FreeRDP/FreeRDP/milestone/9?closed=1
* Improved and cleaned up the command line interface
* Fixed automount issues
* Fixed several audio and microphone related issues
* Implemented AAC and MP3 codecs
* Added Wave2 support
* Addedd dynamic resolution with full screen toggle support
* Improved redirection handling and certificate issues
* Improved automatic reconnects
* Improced connection error handling
* Fixed invalid pointer, double-free, integer underflow,
buffer overflows issues as well as other memory leaks
* fixed X11 Right-Ctrl ungrab feature
* winpr: Updates time zone data to April 2018
* added libressl compatibility
OBS-URL: https://build.opensuse.org/request/show/628188
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=77
- Updated to 2.0.0-rc1
Noteworthy features and improvements:
* support for FIPS mode was added (option +fipsmode)
* initial client side kerberos support (run cmake with WITH_GSSAPI)
* support for ssh-agent redirection (as rdp channel)
* the man page(s) and /help were updated an improved
* add support for ICU for unicode conversion (-DWITH_ICU=ON)
* client add option to force password prompt before connection (/from-stdin[:force])
* extend /size to allow width or height percentages (#gh/FreeRDP/FreeRDP/4146)
* add support for "password is pin"
* clipboard is now enabled per default (use -clipboard to disable)
Fixed github issues (excerpt):
* #gh/FreeRDP/FreeRDP/4281: Added option to prefer IPv6 over IPv4
* #gh/FreeRDP/FreeRDP/3890: Point to OpenSSL doc for private CA
* #gh/FreeRDP/FreeRDP/3378: support 31 static channels as described in the spec
* #gh/FreeRDP/FreeRDP/4253: Rfx decode tile width.
* #gh/FreeRDP/FreeRDP/3267: fix parsing of drivestoredirect
* #gh/FreeRDP/FreeRDP/4257: Proper error checks for /kbd argument
* #gh/FreeRDP/FreeRDP/4249: Corruption due to recursive parser
* #gh/FreeRDP/FreeRDP/4111: 15bpp color handling for brush.
* #gh/FreeRDP/FreeRDP/3509: Added Ctrl+Alt+Enter description
* #gh/FreeRDP/FreeRDP/3211: Return freerdp error from main.
* #gh/FreeRDP/FreeRDP/3513: add better description for drive redirection
* #gh/FreeRDP/FreeRDP/4199: ConvertFindDataAToW string length
* #gh/FreeRDP/FreeRDP/4135: client/x11: fix colors on big endian
* #gh/FreeRDP/FreeRDP/4089: fix h264 context leak when DeleteSurface
* #gh/FreeRDP/FreeRDP/4117: possible segfault
* #gh/FreeRDP/FreeRDP/4091: fix a regression with remote program
OBS-URL: https://build.opensuse.org/request/show/546955
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=66
- Switched to official RC0
- Create wayland client package and libuwac0 package
- Create separate libwinpr2 to be used in other packages
- enabled gstreamer (currently disabled for tumbleweed)
- enabled kerberos authentication
- Update to official RC0
Fix the following issues identified by the CISCO TALOS project:
* TALOS-2017-0336 CVE-2017-2834 boo#1050714
* TALOS-2017-0337 CVE-2017-2835 boo#1050712
* TALOS-2017-0338 CVE-2017-2836 boo#1050699
* TALOS-2017-0339 CVE-2017-2837 boo#1050704
* TALOS-2017-0340 CVE-2017-2838 boo#1050708
* TALOS-2017-0341 CVE-2017-2839 boo#1050711
OBS-URL: https://build.opensuse.org/request/show/520136
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=62
- Update to version 2.0.0~git.1477034991.043243f:
* fixed kerberos authentication
* shadow/rdpsnd: Fix race condition in rdpsnd channel server. The
output buffer and format parameters are not protected.
* wfreerdp: fix invalid VerifyCertificate callback
* rdpsnd/server: decrease audio latency and make it configurable.
* Add an environment variables section to the man
* protocol violation: rdp_read_extended_info_packet
* Added support for OpenH264 1.6
* freerdp: fix sending of TLS alert on NLA failure, add better
handling of server-side NLA in shadow server
* freerdp: add configurable NTLM SAM file option for server-side NLA
* freerdp: make modifications to NLA server-side fixes according to PR comments
* Fixed a windows 8.1 issue.
OBS-URL: https://build.opensuse.org/request/show/437472
OBS-URL: https://build.opensuse.org/package/show/X11:RemoteDesktop/freerdp?expand=0&rev=54
