Format: 1.8
Date: Sun, 01 Oct 2023 23:21:15 +0200
Source: freerdp2
Architecture: source
Version: 2.11.2+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Closes: 1036095 1051638 1053317
Changes:
 freerdp2 (2.11.2+dfsg1-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #1051638).
   * Fixed security issues since v2.11.0:
     - CVE-2023-40589: [codec,ncrush] fix index checks properly verify all
       offsets while decoding data.
     - CVE-2023-40567: Fix out-of-bounds write in the
       `clear_decompress_bands_data` function.
     - CVE-2023-40188: Fix out-of-bounds read in the `general_LumaToYUV444`
       function.
     - CVE-2023-40186: Fix out-of-bounds write in the `gdi_CreateSurface`
       function.
     - CVE-2023-40181: Fix out-of-bounds read in the
       `zgfx_decompress_segment` function.
     - CVE-2023-39356: Fix out-of-bounds read in the `gdi_multi_opaque_rect`
       function.
     - CVE-2023-39355: Fix use-after-free in processing
       `RDPGFX_CMDID_RESETGRAPHICS` packets.
     - CVE-2023-39354: Fix out-of-bounds read in the
       `nsc_rle_decompress_data` function.
     - CVE-2023-39353: Fix missing offset validation leading to
       out-of-bounds read in the `libfreerdp/codec/rfx.c` file.
     - CVE-2023-39352: Fix invalid offset validation leading to
       out-of-bounds write.
     - CVE-2023-39351: Fix null-pointer-dereference leading a crash in the
       RemoteFX (rfx) handling.
     - CVE-2023-39350: Fix integer underflow leading to DOS (e.g. abort due
       to `WINPR_ASSERT` with default compilation flags).
   * debian/patches:
     + Drop 0001_fix_ftbfs_1041377.patch. Applied upstream.
   * debian/control:
     + Add B-D: libkrb5-dev.
   * debian/rules:
     + Add -DWITH_KERBEROS=ON configure option. (Closes: #1036095).
   * debian/watch:
     + Rework file. Find all released versions of freerdp2. (Closes:
       #1053317). Thanks to Tobias Frost for sending a patch.