[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

(E)LTS report for October 2022


in October 2022, on behalf of Freexian and through my company velocitux
UG, I have worked on the following (E)LTS tasks:

ELA-717-1: freerdp

Finished the upload of the update for freerdp after quite tiresome
backporting activites. FreeRDP 1 is a challenging package, because
FreeRDP came as a major rewrite/refactoring, and virtually all
vulnerabilities are only fixed in this branch. Upstrewam also tends to
not do clean patches, and instead burrying CVE fixes in big commits,
without even mentioning the CVE anywhere. Therefore, a few of the open
vulnearbilities had to be marked postponed or ignored, because they
could not be fully identified or backported without causing major
trouble to the codebase. Debian stretch carries a heavily patched Git
snapshot of FreeRDP 1.1 from 2014.


Attachment: signature.asc
Description: PGP signature

Reply to: