openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of freerdp2

Eric Schirra (ecsos) committed 29 days ago (revision 14)

  - Backported oss-fuzz fixes
  * CVE:
    - CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment
    - CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write in clear_decompress_residual_data
    - CVE-2024-32040 [Low] integer underflow in nsc_rle_decode
    - CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle
    - CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress
    - CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress
  - Backported #10077
- Update to 2.11.5
  - Fix integer overflow in progressive decoder
  - Update OpenSSL API usage for compatiblility with newer versions (#9747)
  - Prevent NULL dereference for single thread decoder (#9712)

Eric Schirra (ecsos) committed 29 days ago (revision 13)

Eric Schirra (ecsos) committed 29 days ago (revision 12)

- Update to 2.11.7

Eric Schirra (ecsos) committed 5 months ago (revision 11)

Eric Schirra (ecsos) committed 5 months ago (revision 10)

Eric Schirra (ecsos) committed 5 months ago (revision 9)

Eric Schirra (ecsos) committed 5 months ago (revision 8)

Eric Schirra (ecsos) committed 5 months ago (revision 7)

Eric Schirra (ecsos) committed 5 months ago (revision 6)

Eric Schirra (ecsos) committed 5 months ago (revision 5)

- Update to 2.11.4
  - fix a typo in unicode commit (#9652)
- Update to 2.11.3
  - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469)
  - Fix issues with drive redirection (#9530,9554, #9586, #9617)
  - Use endian safe ICU string converter (#9631)
  - Improve AAC support (#9577)
  - Fix swiss german keyboard layout (#9560)
  - Enable rfx-mode:image (#9428)

- Fix winpr-devel dependencies. WinePRTargets-*.cmake defines
  CMake targets for winpr-hash and winpr-makecert. They have to be
  present.

- Update to 2.11.2
  * Backported #9356: Fix issues with order updates
  * Backported #9378: backported wArrayList (optional) copy on insert
  * Backported #9360: backported certificate algorithm detection

- Update to 2.11.0
  * Various input validation fixes
  * Added various CMake options #9317
  * LibreSSL build fixes #8709
  * Big endian support
  * Mouse grabbing support
  * wayland scrolling fix
  * Update h264 to use new FFMPEG API
  * early bail from update_read_window_state_order breaks protocol
  * rdpecam/server: Remove wrong assertion
  * bounds checks for gdi/gfx rectangles

Eric Schirra (ecsos) committed 5 months ago (revision 4)

- Update to 2.11.4
  - fix a typo in unicode commit (#9652)
- Update to 2.11.3
  - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469)
  - Fix issues with drive redirection (#9530,9554, #9586, #9617)
  - Use endian safe ICU string converter (#9631)
  - Improve AAC support (#9577)
  - Fix swiss german keyboard layout (#9560)
  - Enable rfx-mode:image (#9428)

Eric Schirra (ecsos) committed 5 months ago (revision 3)

  * Fix CVE-2023-39350 - boo#1214856
    incorrect offset calculation leading to DoS
  * Fix CVE-2023-39351 - boo#1214857
    Null Pointer Dereference leading DoS in RemoteFX
  * Fix CVE-2023-39352 - boo#1214858
    Invalid offset validation leading to Out Of Bound Write 
  * Fix CVE-2023-39353 - boo#1214859
    Missing offset validation leading to Out Of Bound Read
  * Fix CVE-2023-39354 - boo#1214860
    Out-Of-Bounds Read in nsc_rle_decompress_data
  * Fix CVE-2023-39356 - boo#1214862
    Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect
  * Fix CVE-2023-40181 - boo#1214863
    Integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment
  * Fix CVE-2023-40186 - boo#1214864
    IntegerOverflow leading to Out-Of-Bound Write Vulnerability in gdi_CreateSurface
  * Fix CVE-2023-40188 - boo#1214866
    Out-Of-Bounds Read in general_LumaToYUV444
  * Fix CVE-2023-40567 - boo#1214867
    Out-Of-Bounds Write in clear_decompress_bands_data
  * Fix CVE-2023-40569 - boo#1214868
    Out-Of-Bounds Write in progressive_decompress
  * Fix CVE-2023-40589 - boo#1214872
    Global-Buffer-Overflow in ncrush_decompress
    validation issues - boo#1205512, boo#1205563, boo#1205564
  * Fixed CVE-2022-24882 - boo#1198919
    NTLM not properly check parameters 
  * Fixed CVE-2022-24883 - boo#1198921
    Fix authentication against invalid SAM files

Eric Schirra (ecsos) committed 6 months ago (revision 2)

- Update to 2.11.4
  - fix a typo in unicode commit (#9652)
- Update to 2.11.3
  - Disabled windows MEDIA FOUNDATION h264 decoder due to reported issues (#9469)
  - Fix issues with drive redirection (#9530,9554, #9586, #9617)
  - Use endian safe ICU string converter (#9631)
  - Improve AAC support (#9577)
  - Fix swiss german keyboard layout (#9560)
  - Enable rfx-mode:image (#9428)

Eric Schirra (ecsos) committed 6 months ago (revision 1)

- Fix winpr-devel dependencies. WinePRTargets-*.cmake defines
  CMake targets for winpr-hash and winpr-makecert. They have to be
  present.

- Update to 2.11.2
  * Backported #9356: Fix issues with order updates
  * Backported #9378: backported wArrayList (optional) copy on insert
  * Backported #9360: backported certificate algorithm detection

- Update to 2.11.0
  * Various input validation fixes
  * Added various CMake options #9317
  * LibreSSL build fixes #8709
  * Big endian support
  * Mouse grabbing support
  * wayland scrolling fix
  * Update h264 to use new FFMPEG API
  * early bail from update_read_window_state_order breaks protocol
  * rdpecam/server: Remove wrong assertion
  * bounds checks for gdi/gfx rectangles
  * enforce rdpdr client side state checks
  * deactivate mouse grabbing by default
  * channels/cliprdr: Fix writing incorrect PDU type for unlock
    PDUs
- Drop patch, now upstream:
  * Update_h264_to_use_new_FFMPEG_API.patch

- Don't compile shared objects with -fPIE and use -pie only for executables
- Reenable LTO on ARM

Browse Source

Displaying all 14 revisions

Places

Revisions of freerdp2

Places