| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libwinpr2-2 | Distribution: openSUSE Tumbleweed |
| Version: 2.11.7 | Vendor: openSUSE |
| Release: 2.1 | Build date: Sat Oct 5 10:05:54 2024 |
| Group: Productivity/Networking/Other | Build host: reproducible |
| Size: 1105698 | Source RPM: freerdp2-2.11.7-2.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.freerdp.com/ | |
| Summary: Windows Portable Runtime | |
WinPR provides API compatibility for applications targeting non-Windows environments. When on Windows, the original native API is being used instead of the equivalent WinPR implementation, without having to modify the code using it.
Apache-2.0
* Sat Oct 05 2024 Christophe Marin <christophe@krop.fr>
- Add upstream fixes (picked from Debian) (boo#1231317)
* 0001-info-Fix-incompatible-pointer-type.patch
* 0002-redirection-Fix-incompatible-pointer-type.patch
* 0003-redirection-Fix-incompatible-pointer-type.patch
* 0004-X11-fix-pointer-integer-type-mismatch.patch
* 0005-client-wayland-fix-const-correctness.patch
* 0006-warnings-fix-Wincompatible-pointer-types.patch
* 0007-server-proxy-deactivate-capture-module.patch
* 0001-Fix-build-with-ffmpeg-7.patch
* Mon Jun 03 2024 Hans-Peter Jansen <hpj@urpla.net>
- Update to 2.11.7
+ Backported oss-fuzz fixes
- Update to 2.11.6
+ CVE:
* CVE-2024-32041 [Low[ OutOfBound Read in
zgfx_decompress_segment
* CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write
in clear_decompress_residual_data
* CVE-2024-32040 [Low] integer underflow in nsc_rle_decode
* CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle
* CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress
* CVE-2024-32460 [Low] OutOfBound Read in
interleaved_decompress
+ Noteworthy changes:
* Backported #10077
- Remove these patches, applied upstream:
+ freerdp-CVE-2023-40574-to-2023-40576.patch
+ freerdp-CVE-2024-32658.patch
+ freerdp-CVE-2024-32659.patch
+ freerdp-CVE-2024-32660.patch
* Thu May 23 2024 Daike Yu <yu.daike@suse.com>
- Multiple CVE fixes
+ Add freerdp-CVE-2024-32659.patch (bsc#1223346, CVE-2024-32659)
- out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`
+ Add freerdp-CVE-2024-32660.patch (bsc#1223347, CVE-2024-32660)
- client crash via invalid huge allocation size
+ Add freerdp-CVE-2024-32661.patch (bsc#1223348, CVE-2024-32661)
- client NULL pointer dereference
+ Add freerdp-CVE-2024-32658.patch (bsc#1223353, CVE-2024-32658)
- out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients
* Wed Apr 10 2024 Hans-Peter Jansen <hpj@urpla.net>
- Add xfreerdp binary/man builds back with new name: xfreerdp2
* Tue Apr 09 2024 Christophe Marin <christophe@krop.fr>
- Add patch to avoid unneeded dependencies when using winpr-devel:
* 0001-Don-t-add-winpr-cli-tools-to-exported-CMake-targets.patch
* Tue Apr 02 2024 Joan Torres <joan.torres@suse.com>
- Update Source0 URL to make it valid with the actual Source0.
* Tue Mar 26 2024 Joan Torres <joan.torres@suse.com>
- Fix file conflict of wlog.7 with freerdp3
* Thu Mar 14 2024 Joan Torres <joan.torres@suse.com>
- Update to version 2.11.5:
* Fix integer overflow in progressive decoder
* Update OpenSSL API usage for compatiblility with newer versions (#9747)
* Prevent NULL dereference for single thread decoder (#9712)
* Thu Mar 14 2024 Joan Torres <joan.torres@suse.com>
- Modify package names to freerdp2:
* This allows to have a freerdp version 2 and freerdp version 3
simultaneously installed
* Tue Feb 06 2024 Daike Yu <yu.daike@suse.com>
- Add freerdp-CVE-2023-40574-to-2023-40576.patch
* Fix CVE-2023-40574 - bsc#1214869
Out-Of-Bounds Write in general_YUV444ToRGB_8u_P3AC4R_BGRX
* Fix CVE-2023-40575 - bsc#1214870
Out-Of-Bounds Read in general_YUV444ToRGB_8u_P3AC4R_BGRX
* Fix CVE-2023-40576 - bsc#1214871
Out-Of-Bounds Read in RleDecompress
* Thu Nov 16 2023 Christophe Marin <christophe@krop.fr>
- Fix winpr-devel dependencies. WinePRTargets-*.cmake defines
CMake targets for winpr-hash and winpr-makecert. They have to be
present.
* Fri Oct 20 2023 Adriankhl <dlshcbmuipmam@hotmail.com>
- Update to 2.11.2
* Backported #9356: Fix issues with order updates
* Backported #9378: backported wArrayList (optional) copy on insert
* Backported #9360: backported certificate algorithm detection
* Wed Aug 30 2023 Christophe Marin <christophe@krop.fr>
- Update to 2.11.0
* Various input validation fixes
* Added various CMake options #9317
* LibreSSL build fixes #8709
* Big endian support
* Mouse grabbing support
* wayland scrolling fix
* Update h264 to use new FFMPEG API
* early bail from update_read_window_state_order breaks protocol
* rdpecam/server: Remove wrong assertion
* bounds checks for gdi/gfx rectangles
* enforce rdpdr client side state checks
* deactivate mouse grabbing by default
* channels/cliprdr: Fix writing incorrect PDU type for unlock
PDUs
* Fix CVE-2023-39350 - boo#1214856
incorrect offset calculation leading to DoS
* Fix CVE-2023-39351 - boo#1214857
Null Pointer Dereference leading DoS in RemoteFX
* Fix CVE-2023-39352 - boo#1214858
Invalid offset validation leading to Out Of Bound Write
* Fix CVE-2023-39353 - boo#1214859
Missing offset validation leading to Out Of Bound Read
* Fix CVE-2023-39354 - boo#1214860
Out-Of-Bounds Read in nsc_rle_decompress_data
* Fix CVE-2023-39356 - boo#1214862
Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect
* Fix CVE-2023-40181 - boo#1214863
Integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment
* Fix CVE-2023-40186 - boo#1214864
IntegerOverflow leading to Out-Of-Bound Write Vulnerability in gdi_CreateSurface
* Fix CVE-2023-40188 - boo#1214866
Out-Of-Bounds Read in general_LumaToYUV444
* Fix CVE-2023-40567 - boo#1214867
Out-Of-Bounds Write in clear_decompress_bands_data
* Fix CVE-2023-40569 - boo#1214868
Out-Of-Bounds Write in progressive_decompress
* Fix CVE-2023-40589 - boo#1214872
Global-Buffer-Overflow in ncrush_decompress
- Drop patch, now upstream:
* Update_h264_to_use_new_FFMPEG_API.patch
* Wed May 31 2023 Andreas Schwab <schwab@suse.de>
- Don't compile shared objects with -fPIE and use -pie only for executables
- Reenable LTO on ARM
* Mon Apr 24 2023 Bjørn Lie <bjorn.lie@gmail.com>
- Add Update_h264_to_use_new_FFMPEG_API.patch: Update h264 to use
new FFMPEG API.
* Thu Feb 16 2023 Hans-Peter Jansen <hpj@urpla.net>
- Ugraded to freerdp 2.10.0
* Fix android build scripts, use CMake from SDK
* Fix connection negotiation with mstsc/msrdc #8426
* [ntlm]: use rfc5929 binding hash algorithm #8430
* [channels,printer] Fixed reference counting #8433
* Fix uwac pixman #8439
* Fix Rdp security #8457
* [client,x11] Detect key autorepeat #8522
* [build] add channel path to RPATH #8551
* Fix build with BUILTIN_CHANNELS=OFF #8560
* revert changes so that the osmajortype/osminortype is not
overwritten #8571
* [uwac] do not use iso C functions #8604
* [winpr,sam] fix inalid NULL arguments #8605
* Fix incompatible function pointer types #8625
* Fixed issues:
* Backported #8581: Ignore data PDUs for DVCs that were not
opened successfully
* Backported #8498: [channel,urbdrc] fix type of usb hotplug
callback
* Backported #8537: Extended info enforce limits
* Backported #8611: [core] add missing redirection fields
- Patches removed, that were accepted upstream
+ freerdp-builtin-channels-off-link-fix.diff
+ freerdp-fix-rpath-settings.diff
* Fri Dec 16 2022 Hans-Peter Jansen <hpj@urpla.net>
- Complement fix for -DBUILTIN_CHANNELS=OFF to fix freerdp-proxy
accessing librdpgfx-client.so: freerdp-fix-rpath-settings.diff
Fixes second part of bnc#1205595.
* Sun Dec 11 2022 Konstantin Voinov <kv@kott.no-ip.biz>
- Disable VAAPI feature due bug https://bugzilla.opensuse.org/show_bug.cgi?id=1205595
* Thu Nov 17 2022 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Ugraded to freerdp 2.9.0
* Backported #gh:FreeRDP/FreeRDP#8252: Support sending server redirection PDU
* Backported #gh:FreeRDP/FreeRDP#8406: Ensure X11 client cursor is never
smaller 1x1
* Backported #gh:FreeRDP/FreeRDP#8403: Fixed multiple client side input
validation issues - boo#1205512, boo#1205563, boo#1205564
(CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319,
CVE-2022-39320, CVE-2022-41877, CVE-2022-39347)
* Backported #7282: Proxy server now discards input events sent before
activation was received
* Backported #gh:FreeRDP/FreeRDP#8324: Internal replacements for md4,
md5 and hmac-md5
For the time being the RDP protocol requires these outdated hash
algorithms. So any distribution that wants to ship a working
FreeRDP should check the options WITH_INTERNAL_MD4 (and depending
on OpenSSL deprecation status WITH_INTERNAL_MD5)
- Fixed issues:
* Backported #gh:FreeRDP/FreeRDP#8341: Null checks in winpr_Digest_Free
* Backported #gh:FreeRDP/FreeRDP#8335: Missing NULL return
in winpr_Digest_New
* Backported #gh:FreeRDP/FreeRDP#8192: Support for audin
version 2 microphone channel
* Backported #gh:FreeRDP/FreeRDP#7282: Discard input events before
activation (Fixes #8374)
* Mon Nov 07 2022 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Ugraded to freerdp 2.8.1
* Fixed CVE-2022-39282 - boo#1204258
using the `/parallel` command line switch might read uninitialized data
* Fixed CVE-2022-39283 - boo#1204257
using the `/video` command line switch might read uninitialized data
* Added missing commit for backported #gh:FreeRDP/FreeRDP#8041:
Remove ALAW/ULAW codecs from linux backends (unreliable)
* Added hash checks for android build script dependencies
- Fixed issues:
* #gh:FreeRDP/FreeRDP#8190: Fix build break with newer FFMPEG versions
* #gh:FreeRDP/FreeRDP#8234: Updated flatpak with build script
* #gh:FreeRDP/FreeRDP#8210: Better execinfo support check for android
* #gh:FreeRDP/FreeRDP#7708: Header now defines DumpThreadHandles
* #gh:FreeRDP/FreeRDP#8176: Check fullscreen state and not setting
* #gh:FreeRDP/FreeRDP#8236: Send resize on window state change
* #gh:FreeRDP/FreeRDP#7611: Audin macOS monterey fix
* #gh:FreeRDP/FreeRDP#8291: Android build script update
* Fix length checks and initialization in the deprecated
(disabled per default) tsmf channel
* Mon Aug 08 2022 Bjørn Lie <bjorn.lie@gmail.com>
- Ugraded to freerdp 2.8.0
* Backported API to get peer accepted channel option flags
* Backported API to get peer accepted channel names
* Backported Stream_CheckAndLogRequiredLength
* Backported #7954: Add server side handling for [MS-RDPET]
* Backported #8010: Add server side handling for [MS-RDPECAM]
* Backported #8041: Remove ALAW/ULAW codecs from linux backends (unreliable)
* Backported #8051: Relieve CLIPRDR filename restriction when connecting to non-MS Windows servers
* Backported #8048: TLS version control
* Backported #7987: Add a new command line arg to enforce tls1.2
- Fixed issues:
* Fixed #7837: Prevent out of bound reads for FFMPEG
* Backported #7859 and #7861: Unwind support for backtrace generation
* Backported #7440: wlfreerdp appid
* Backported #7832: RAIL window restore
* Backported #7833: Refactored WinPR thread locking
* Backported #7893: Mac rdpsnd memory leak fixes
* Backported #7895: Mac audin memory leak fixes
* Backported #7898: Automatic android versioning
* Backported #7916: GFX 10.7 capability support
* Backported #7949: Server RDPSND API improvements
* Backported #7957: Server DVC API improvements
* Backported #7760: Fixed osMinorType values
* Backported #8013: Add missing osMajorType values
* Backported #8076: Fix wrong usage of subband diffing flag (tile artifact fix)
* Tue Apr 26 2022 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Upgraded to freerdp 2.7.0
* OpenSSL3 gateway support (#gh:FreeRDP/FreeRDP#7822)
* various NTLM fixes
* WINPR_ASSERT to ease future backports
* Fixed CVE-2022-24882 - boo#1198919
NTLM not properly check parameters
* Fixed CVE-2022-24883 - boo#1198921
Fix authentication against invalid SAM files
- Fixed issues:
* #gh:FreeRDP/FreeRDP#6786: Use /network:auto by default
* #gh:FreeRDP/FreeRDP#7714: Workaround for broken surface frame marker
* #gh:FreeRDP/FreeRDP#7733: Support 10bit X11 color (BGRX32 only)
* #gh:FreeRDP/FreeRDP#7745: GFX progressive double free
* #gh:FreeRDP/FreeRDP#7808: Disable websockets with /gt:rpc
* #gh:FreeRDP/FreeRDP#7815: RAIL expect LOGON_MSG_SESSION_CONTINUE
* Tue Mar 08 2022 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Upgraded to freerdp 2.6.1
* Decreased logging verbosity, now freerdp is much less verbose by default
* Backported freerdp_abort_connect during freerdp_connect fix (#gh:FreeRDP/FreeRDP#7700)
* Backported improved version dection see docs/version_detection.md for details
* Backported various rdpsnd fixes (#gh:FreeRDP/FreeRDP#7695)
* Wed Feb 23 2022 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Upgraded to freerdp 2.6.0
* Backported android FFMPEG build scripts
* Updated android build dependencies
* Backported AINPUT channel
Fixed issues:
* Backported #gh:FreeRDP/FreeRDP#7303: Fix PDU length for RDPINPUT_PROTOCOL_V300
* Backported #gh:FreeRDP/FreeRDP#7658: Sanitize optional physical monitor size values
* Backported #gh:FreeRDP/FreeRDP#7426: Wayland memory corruption
* Backported #gh:FreeRDP/FreeRDP#7293: Remove unused codec x264
* Backported #gh:FreeRDP/FreeRDP#7541: Allow resolutions larger 2048x2048
* Backported #gh:FreeRDP/FreeRDP#7574: FFMPEG 5.0 support
* Backported #gh:FreeRDP/FreeRDP#7578: FFMPEG 5.0 support
* Backported #gh:FreeRDP/FreeRDP#7580: Fixed device hotplugging
* Backported #gh:FreeRDP/FreeRDP#7583: GetUserNameExA: Prefer getpwuid_r over getlogin_r over getlogin
* Backported #gh:FreeRDP/FreeRDP#7585: Android Mediacodec support
* Mon Jan 24 2022 Predrag Ivanović <predivan@mts.rs>
- Enable FFmpeg support for Leap-15.2+
* Thu Jan 13 2022 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Upgraded to freerdp 2.5.0
* Fixed smartcard login in case a redirection occurs the pin was lost
* Backported windows client drawing fixes
* Backported improved macOS keyboard layout detection
* Backported TcpConnectTimeout
* Backported LibreSSL compatibility patches
* Backported signal handler backtrace
* Backported OpenSSL 3.0 support
* Backport #gh:FreeRDP/FreeRDP#7539: Wayland client clipboard issues
* Backport #gh:FreeRDP/FreeRDP#7509: Various fixes regarding registry
emulation, addin loader and updated locale detection
* Backport #gh:FreeRDP/FreeRDP#7466: Android android_register_pointer
missing initialization
* Thu Dec 02 2021 Fabian Vogt <fvogt@suse.com>
- Add patch to fix connecting without H.264-enabled FFmpeg (boo#1190823):
* 0001-Make-H.264-codec-optional-during-runtime.patch
- Use %autosetup
* Thu Oct 21 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Upgraded to freerdp 2.4.1
Important security issues, boo#1191895:
* CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory
* CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory
Noteworthy changes:
* Refactored RPC gateway parsing code
* OpenSSL 3.0 compatibility fixes
* USB redirection: fixed transfer lengths
Fixed issues:
* #gh:FreeRDP/FreeRDP#7363: Length checks in ConvertUTF8toUTF16
* #gh:FreeRDP/FreeRDP#7349: Added checks for bitmap width and heigth values
- Force library update to the latest, renamed versions (followup to
boo#1191755)
* Wed Oct 20 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Renamed libraries to follow packaging standards as requested in
boo#1191755
* Thu Oct 07 2021 Hans-Peter Jansen <hpj@urpla.net>
- Finally nailed it: CMAKE_INSTALL_LIBDIR is absolute on Leaps and
relative on TW, but freerdp requires the relative variant.
Fixes boo#1190919
* Wed Oct 06 2021 Hans-Peter Jansen <hpj@urpla.net>
- Remove freerdp-fix-plugin-path.patch again, the problem was
introduced/fixed by cmake changes
* Sat Sep 18 2021 Hans-Peter Jansen <hpj@urpla.net>
- Create an explicit freerdp dependency for libwinpr
* Fri Sep 17 2021 Hans-Peter Jansen <hpj@urpla.net>
- Add preliminary patch freerdp-fix-plugin-path.patch to fix dynamic
addin loading
* Fri Sep 17 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Modified spec to satisfy because obs-service-source_validator does not
support elif
* Wed Sep 15 2021 Hans-Peter Jansen <hpj@urpla.net>
- Fix the spec-cleaner mess
- Enable a few options on TW
- Build for 15.3 required another lib
- Remove X264 option, no related backend exists and enabling it fails
in cmake creation stage
* Fri Aug 20 2021 Hans-Peter Jansen <hpj@urpla.net>
- Reorganize build flags
- Apply fix for -DBUILTIN_CHANNELS=OFF: freerdp-builtin-channels-off-link-fix.diff
- Add plugins to libwinpr
* Wed Aug 11 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Updated to release 2.4.0
Noteworthy changes:
* Backported multithreaded progressive decoder (#7036)
* Backported clipboard fixes (#6924)
* Fixed remote file read (#7185)
Fixed issues:
* #gh:FreeRDP/FreeRDP#6938: RAILS clipboard remote -> local
* #gh:FreeRDP/FreeRDP#6985: Support newer FFMPEG builds
* #gh:FreeRDP/FreeRDP#6989: Use OpenSSL default certificate store settings
* #gh:FreeRDP/FreeRDP#7073: Planar alignment fixes
* Mon Mar 15 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Updated to release 2.3.2
Noteworthy changes:
* Fixed autoreconnect printer backend loading
* Fixed compilation on older mac os versions < 10.14
* Fixed mouse pointer move with smart-sizing
* Added command line option to disable websocket gateway support
* Fixed drive hotplugging issues with windows
* Fixed smartcard issues on mac
Fixed issues:
* #gh:FreeRDP/FreeRDP#6900: Transparency issues with aFreeRDP
* #gh:FreeRDP/FreeRDP#6848: Invalid format string in smartcard trace
* #gh:FreeRDP/FreeRDP#6846: Fixed static builds
* #gh:FreeRDP/FreeRDP#6888: Crash due to missing bounds checks
* #gh:FreeRDP/FreeRDP#6882: Use default sound device on mac
* Mon Mar 01 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Updated to release 2.3.1
Noteworthy changes:
* This is a compatibility bugfix release readding some (deprecated)
symbols/defines
* Also add some more EXPERIMENTAL warnings to CMake flags as some were not
clear enough.
* Fixed a memory leak in xfreerdp (mouse pointer updates)
* No longer activating some compile time debug options with
- DWITH_DEBUG_ALL=ON which might leak sensitive information.
* Added -DDEFINE_NO_DEPRECATED for developers to detect use of
deprecated symbols
* Thu Feb 25 2021 Johannes Weberhofer <jweberhofer@weberhofer.at>
- Updated to release 2.3.0
Noteworthy changes:
* Websocket support for proxy connections
* Progressive codec improvements. Reduces graphical glitches against windows
and ogon servers
* Fixed +glyph-cache, now working properly without disconnects
* Huge file support in clipboard
* XWayland support for xfreerdp (keyboard grabbing)
* Improved wlfreerdp (wayland client)
* Option to allow keyboard scancodes to be remapped manually
* Improved mouse wheel behaviour when scrolling
* Improved dynamic channel behaviour, more stable event detection
* New connection state PubSub notification: Clients can now monitor current
connection state
Fixes:
* gh#FreeRDP/FreeRDP/6626: Fixed parsing of FastGlyph order.
gh#FreeRDP/FreeRDP/6624: Added support for xwayland keyboard grab
gh#FreeRDP/FreeRDP/6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag
gh#FreeRDP/FreeRDP/6428: Improve NLA error code logging.
gh#FreeRDP/FreeRDP/6416: Http gateway message support
gh#FreeRDP/FreeRDP/6753: List of pull requests to backport for stable-next
- Added freerdp-rpmlintrc to supress a false positive as gethostbyname() is
a windows-function call not a unix one.
/usr/lib64/libwinpr-tools2.so.2 /usr/lib64/libwinpr-tools2.so.2.11.7 /usr/lib64/libwinpr2.so.2 /usr/lib64/libwinpr2.so.2.11.7 /usr/share/licenses/libwinpr2-2 /usr/share/licenses/libwinpr2-2/LICENSE /usr/share/man/man7/wlog2.7.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Sat Nov 2 01:15:01 2024