[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

freerdp2_2.11.7+dfsg1-6~deb12u1_source.changes ACCEPTED into proposed-updates->stable-new

Thank you for your contribution to Debian.

Mapping bookworm to stable.
Mapping stable to proposed-updates.

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 19 Apr 2025 17:02:34 +0200
Source: freerdp2
Architecture: source
Version: 2.11.7+dfsg1-6~deb12u1
Distribution: bookworm
Urgency: high
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Tobias Frost <tobi@debian.org>
Closes: 1036095 1041377 1051638 1053317 1061173 1061952 1069728 1072112 1072413 1073156 1074969 1079025
Changes:
 freerdp2 (2.11.7+dfsg1-6~deb12u1) bookworm; urgency=high
 .
   * Non-maintainer upload by the LTS Team for stable proposed updates.
   * Revert time64_t transition commits, as they are not applicable to bookworm.
   * Revert turning on keberos support.
   * Reverting B-D: Depend on pkg-config instead of pkgconf.
   * Do not use ffmpeg7 patch, bookworm is still at ffmpeg5.
 .
 freerdp2 (2.11.7+dfsg1-6) unstable; urgency=medium
 .
   * Team upload
   * d/tests/connect: use /cert-tofu to avoid errors with proxies
 .
 freerdp2 (2.11.7+dfsg1-5) unstable; urgency=medium
 .
   * autopkgtest: add Depends: ca-certificates
 .
 freerdp2 (2.11.7+dfsg1-4) unstable; urgency=medium
 .
   * Replace autopkgtests with the tests used by freerdp3 (Closes: #1079025)
 .
 freerdp2 (2.11.7+dfsg1-3) unstable; urgency=high
 .
   * Team upload
 .
   [ Jeremy Bícha ]
   * SECURITY UPDATE: NULL access and crash (Closes: #1072112
     - debian/patches/CVE-2024-32661.patch: fix missing check in
       rdp_write_logon_info_v1 in libfreerdp/core/info.c.
     - CVE-2024-32661
   * Cherry-pick several patches to fix build with gcc-14
     (Closes: #1074969) (LP: #2075965)
   * Remove obsolete 32-bit time transition lintian overrides
 .
   [ Sébastien Noel ]
   * Add patch to fix build with ffmpeg 7 (Closes: #1072413)
 .
   [ Bernhard Übelacker ]
   * Apply multiple fixes to autopkgtests (Closes: #1079025)
 .
 freerdp2 (2.11.7+dfsg1-2) unstable; urgency=medium
 .
   * debian/tests/control:
     + Add xauth. Fix tests on Debian, where xvfb does not pull-in xauth as
       dependency (other than in Ubuntu).
 .
 freerdp2 (2.11.7+dfsg1-1) unstable; urgency=medium
 .
   [ Mike Gabriel ]
   * New upstream release. (Closes: #1069728).
     + CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment.
     + CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write in
       clear_decompress_residual_data.
     + CVE-2024-32040 [Low] integer underflow in nsc_rle_decode.
     + CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle.
     + CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress.
     + CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress.
 .
   [ Nathan Pratta Teodosio ]
   * Add autopkgtest to test whether a client can connect
     to an XRDP server via freerdp2 and that the login screen shows up
     (Closes: #1073156) (LP: #2060976)
 .
 freerdp2 (2.11.5+dfsg1-1) unstable; urgency=medium
 .
   * New upstream release.
     - CVE-2024-22211: Fix integer overflow in progressive decoder. (Closes:
       #1061173).
   * Upload time_t64 changes to unstable. (Closes: #1061952).
   * debian/watch:
     + Adjust so we only see 2.x release.
   * debian/control:
     + Switch from pkg-config to pkgconf. Thanks, lintian.
 .
 freerdp2 (2.11.2+dfsg1-1.1~exp2) experimental; urgency=medium
 .
   * Non-maintainer upload.
   * Rename libraries for 64-bit time_t transition.
   * Account for additional t64 Breaks/Replaces (Closes #1061982).
 .
 freerdp2 (2.11.2+dfsg1-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #1051638).
   * Fixed security issues since v2.11.0:
     - CVE-2023-40589: [codec,ncrush] fix index checks properly verify all
       offsets while decoding data.
     - CVE-2023-40567: Fix out-of-bounds write in the
       `clear_decompress_bands_data` function.
     - CVE-2023-40188: Fix out-of-bounds read in the `general_LumaToYUV444`
       function.
     - CVE-2023-40186: Fix out-of-bounds write in the `gdi_CreateSurface`
       function.
     - CVE-2023-40181: Fix out-of-bounds read in the `zgfx_decompress_segment`
       function.
     - CVE-2023-39356: Fix out-of-bounds read in the `gdi_multi_opaque_rect`
       function.
     - CVE-2023-39355: Fix use-after-free in processing
       `RDPGFX_CMDID_RESETGRAPHICS` packets.
     - CVE-2023-39354: Fix out-of-bounds read in the `nsc_rle_decompress_data`
       function.
     - CVE-2023-39353: Fix missing offset validation leading to out-of-bounds
       read in the `libfreerdp/codec/rfx.c` file.
     - CVE-2023-39352: Fix invalid offset validation leading to out-of-bounds
       write.
     - CVE-2023-39351: Fix null-pointer-dereference leading a crash in the
       RemoteFX (rfx) handling.
     - CVE-2023-39350: Fix integer underflow leading to DOS (e.g. abort due to
       `WINPR_ASSERT` with default compilation flags).
   * debian/patches:
     + Drop 0001_fix_ftbfs_1041377.patch. Applied upstream.
   * debian/control:
     + Add B-D: libkrb5-dev.
   * debian/rules:
     + Add -DWITH_KERBEROS=ON configure option. (Closes: #1036095).
   * debian/watch:
     + Rework file. Find all released versions of freerdp2. (Closes: #1053317).
       Thanks to Tobias Frost for sending a patch.
 .
 freerdp2 (2.10.0+dfsg1-1.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * debian/patches/0001_fix_ftbfs_1041377.patch:
     - include upstream fix for FTBFS with FFmpeg 6.0
       (Closes: #1041377)
Checksums-Sha1:
 1e89f8211df3144cf1cbec5ca08b5baccb66bb68 3586 freerdp2_2.11.7+dfsg1-6~deb12u1.dsc
 245165e9a6a8b09d41f4a81a05986bb0793d8ea4 2272440 freerdp2_2.11.7+dfsg1.orig.tar.xz
 a715fd378d45bf22fd175cd777145fc026bc5021 50484 freerdp2_2.11.7+dfsg1-6~deb12u1.debian.tar.xz
 a333884b20862e37261ac82af240e6b51d5a2dff 22569 freerdp2_2.11.7+dfsg1-6~deb12u1_amd64.buildinfo
Checksums-Sha256:
 41d96228a0d5423a0097d54186bf3d4042f67125e3320246b609b7442c2e9370 3586 freerdp2_2.11.7+dfsg1-6~deb12u1.dsc
 27339a725e5bc4af867cd3f4825b1dbffced05a1fe1487b1e0baea7649050a58 2272440 freerdp2_2.11.7+dfsg1.orig.tar.xz
 a3ff469b468512f4a986e5b93136b2b9d19cbc4b6264af5071d9483d1ca5fb43 50484 freerdp2_2.11.7+dfsg1-6~deb12u1.debian.tar.xz
 3b20b75351799279532945882fbe7aad59719bde0c0162f914468a12b972da51 22569 freerdp2_2.11.7+dfsg1-6~deb12u1_amd64.buildinfo
Files:
 d3eb0ff229a46e813f363e6d03917ebd 3586 x11 optional freerdp2_2.11.7+dfsg1-6~deb12u1.dsc
 5aaf33f976ccce406af7f44affb1edee 2272440 x11 optional freerdp2_2.11.7+dfsg1.orig.tar.xz
 9135bc71a874db3608923a57ed4f30c4 50484 x11 optional freerdp2_2.11.7+dfsg1-6~deb12u1.debian.tar.xz
 43c204039be4001b6b0232f5ac6d064c 22569 x11 optional freerdp2_2.11.7+dfsg1-6~deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmgDwA0ACgkQkWT6HRe9
XTa7qxAAh0dgcGpmHTD0geRpMzOtLD1XBV4zoUd+XIgVrJDJBrwoNDKUsmNCD6lR
vUhBVa7cgajEr5IlyQtiQOCPNb0+6ZNWPY2xdK/KvaCjScBzeip3Q8gnqgHzCghz
uDrmPoFrogvaEo6VnESFkWslEKBXJuhMEMcanLB3IlA85bd+v7P4UjOhXrkRmd8j
n2cauYqPEP3EQjS9Dal5IJNRKU/m/7AWSvwKuBpS2isKJHgoWuTTo0C82kx2GylM
oTTCyZqE1P3w0RDF8nx0HzTA172UvW7B/G5pubRWJ6Jg8ytDMMqrrypzp04sKeXf
iWhyAWdLLcljmDXxWVsEIxDInENwbvHAy+FI6wYosokNKklL+1gGNKQ1dO1qCZoN
dPhjoXsrXspXbZfIZ/MW9a97EUtRk43Ha4WNgkTVeZqPBfrig9mL9Rjqd51mArMK
s0hbvhXSa8gzLp9EGZLpVw/W7RL5CTJZhJk2BVHSMq/ykPjmeYQbdhkWoU4gjPwL
heg0VrO9RinKLwGMRZqCebbf1Tk++n/aHNpBwzKQ/4ORU1Cp8JkehHDfMEmhR4DB
I5Sez4B2FCh+LfUdu5LOwMtJEWSe/8F3TGxR8HDZaJA673OlPEinDICVWuNIhL7s
qgACMX+Td4dES90Uts9T//NVDuswdK+fqgDLr4i/GV6O3ppFNG4=
=DY70
-----END PGP SIGNATURE-----

Attachment: pgpBfTTkhU77W.pgp
Description: PGP signature

Reply to: