Revisions of freerdp2
Eric Schirra (ecsos)
committed
(revision 14)
- Backported oss-fuzz fixes * CVE: - CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment - CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write in clear_decompress_residual_data - CVE-2024-32040 [Low] integer underflow in nsc_rle_decode - CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle - CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress - CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress - Backported #10077 - Update to 2.11.5 - Fix integer overflow in progressive decoder - Update OpenSSL API usage for compatiblility with newer versions (#9747) - Prevent NULL dereference for single thread decoder (#9712)
Eric Schirra (ecsos)
committed
(revision 13)
Eric Schirra (ecsos)
committed
(revision 12)
- Update to 2.11.7
Eric Schirra (ecsos)
committed
(revision 11)
Eric Schirra (ecsos)
committed
(revision 10)
Eric Schirra (ecsos)
committed
(revision 9)
Eric Schirra (ecsos)
committed
(revision 8)
Eric Schirra (ecsos)
committed
(revision 7)
Eric Schirra (ecsos)
committed
(revision 6)
Eric Schirra (ecsos)
committed
(revision 5)
- Update to 2.11.4 - fix a typo in unicode commit (#9652) - Update to 2.11.3 - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469) - Fix issues with drive redirection (#9530,9554, #9586, #9617) - Use endian safe ICU string converter (#9631) - Improve AAC support (#9577) - Fix swiss german keyboard layout (#9560) - Enable rfx-mode:image (#9428) - Fix winpr-devel dependencies. WinePRTargets-*.cmake defines CMake targets for winpr-hash and winpr-makecert. They have to be present. - Update to 2.11.2 * Backported #9356: Fix issues with order updates * Backported #9378: backported wArrayList (optional) copy on insert * Backported #9360: backported certificate algorithm detection - Update to 2.11.0 * Various input validation fixes * Added various CMake options #9317 * LibreSSL build fixes #8709 * Big endian support * Mouse grabbing support * wayland scrolling fix * Update h264 to use new FFMPEG API * early bail from update_read_window_state_order breaks protocol * rdpecam/server: Remove wrong assertion * bounds checks for gdi/gfx rectangles
Eric Schirra (ecsos)
committed
(revision 4)
- Update to 2.11.4 - fix a typo in unicode commit (#9652) - Update to 2.11.3 - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469) - Fix issues with drive redirection (#9530,9554, #9586, #9617) - Use endian safe ICU string converter (#9631) - Improve AAC support (#9577) - Fix swiss german keyboard layout (#9560) - Enable rfx-mode:image (#9428)
Eric Schirra (ecsos)
committed
(revision 3)
* Fix CVE-2023-39350 - boo#1214856 incorrect offset calculation leading to DoS * Fix CVE-2023-39351 - boo#1214857 Null Pointer Dereference leading DoS in RemoteFX * Fix CVE-2023-39352 - boo#1214858 Invalid offset validation leading to Out Of Bound Write * Fix CVE-2023-39353 - boo#1214859 Missing offset validation leading to Out Of Bound Read * Fix CVE-2023-39354 - boo#1214860 Out-Of-Bounds Read in nsc_rle_decompress_data * Fix CVE-2023-39356 - boo#1214862 Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect * Fix CVE-2023-40181 - boo#1214863 Integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment * Fix CVE-2023-40186 - boo#1214864 IntegerOverflow leading to Out-Of-Bound Write Vulnerability in gdi_CreateSurface * Fix CVE-2023-40188 - boo#1214866 Out-Of-Bounds Read in general_LumaToYUV444 * Fix CVE-2023-40567 - boo#1214867 Out-Of-Bounds Write in clear_decompress_bands_data * Fix CVE-2023-40569 - boo#1214868 Out-Of-Bounds Write in progressive_decompress * Fix CVE-2023-40589 - boo#1214872 Global-Buffer-Overflow in ncrush_decompress validation issues - boo#1205512, boo#1205563, boo#1205564 * Fixed CVE-2022-24882 - boo#1198919 NTLM not properly check parameters * Fixed CVE-2022-24883 - boo#1198921 Fix authentication against invalid SAM files
Eric Schirra (ecsos)
committed
(revision 2)
- Update to 2.11.4 - fix a typo in unicode commit (#9652) - Update to 2.11.3 - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469) - Fix issues with drive redirection (#9530,9554, #9586, #9617) - Use endian safe ICU string converter (#9631) - Improve AAC support (#9577) - Fix swiss german keyboard layout (#9560) - Enable rfx-mode:image (#9428)
Eric Schirra (ecsos)
committed
(revision 1)
- Fix winpr-devel dependencies. WinePRTargets-*.cmake defines CMake targets for winpr-hash and winpr-makecert. They have to be present. - Update to 2.11.2 * Backported #9356: Fix issues with order updates * Backported #9378: backported wArrayList (optional) copy on insert * Backported #9360: backported certificate algorithm detection - Update to 2.11.0 * Various input validation fixes * Added various CMake options #9317 * LibreSSL build fixes #8709 * Big endian support * Mouse grabbing support * wayland scrolling fix * Update h264 to use new FFMPEG API * early bail from update_read_window_state_order breaks protocol * rdpecam/server: Remove wrong assertion * bounds checks for gdi/gfx rectangles * enforce rdpdr client side state checks * deactivate mouse grabbing by default * channels/cliprdr: Fix writing incorrect PDU type for unlock PDUs - Drop patch, now upstream: * Update_h264_to_use_new_FFMPEG_API.patch - Don't compile shared objects with -fPIE and use -pie only for executables - Reenable LTO on ARM
Displaying all 14 revisions