-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 25 Mar 2026 20:00:40 +0300
Source: freerdp3
Architecture: source
Version: 3.24.2+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Michael Tokarev <mjt@tls.msk.ru>
Changes:
freerdp3 (3.24.2+dfsg-1) unstable; urgency=medium
.
* new upstream bugfix/security release:
CVE-2026-31883 `size_t` underflow in ADPCM decoder leads
to heap-buffer-overflow write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-85x9-4xxp-xhm5
CVE-2026-31897 Out-of-bounds read in `freerdp_bitmap_decompress_planar`
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xgv6-r22m-7c9x
CVE-2026-33952 DoS via WINPR_ASSERT in rts_read_auth_verifier_no_checks
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4v4p-9v5x-hc93
CVE-2026-33977 DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8f2g-3q27-6xm5
CVE-2026-33995 double free in kerberos_AcceptSecurityContext
and kerberos_IntitalizeSecurityContextA
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mv25-f4p2-5mxx
CVE-2026-33984 ClearCodec resize_vbar_entry() Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8469-2xcx-frf6
CVE-2026-33983 Progressive Codec Quant BYTE Underflow - UB + CPU DoS
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4gfm-4p52-h478
CVE-2026-33985 ClearCodec Glyph Cache Count Desync - Heap OOB Read
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x6gr-8p7h-5h85
CVE-2026-33986 H.264 YUV Buffer Dimension Desync - Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h6qw-wxvm-hf97
CVE-2026-33987 Persistent Cache bmpSize Desync - Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ff8h-p5vc-wcwc
CVE-2026-33982 Persistent Cache Allocator Mismatch - Heap OOB Read
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jm9-2925-g4v2
Checksums-Sha1:
35175656a7d030e079587bc825f51fb8c668aceb 4652 freerdp3_3.24.2+dfsg-1.dsc
42c72ae391f7e5365c9aa462dd592aa1373eface 5137920 freerdp3_3.24.2+dfsg.orig.tar.xz
3f11f5b06b26eee88ff8f4c79b3717fc1da63d7e 54176 freerdp3_3.24.2+dfsg-1.debian.tar.xz
f4eeb9a76a6c8118db79a70685643dd5752d408d 6071 freerdp3_3.24.2+dfsg-1_source.buildinfo
Checksums-Sha256:
b05cd2777ea09b806a8dd6418a4965beba429fab36f445a4d1838dcea86f3ac7 4652 freerdp3_3.24.2+dfsg-1.dsc
aeafc1587dbce2698b97c0b2e1c7e29cd0211fa56a556068fd3eaf2faa7405f9 5137920 freerdp3_3.24.2+dfsg.orig.tar.xz
ddaf93b67cebc94d170f1c4ec610fdf6191389dd6a4d1457d6e34f35917a769b 54176 freerdp3_3.24.2+dfsg-1.debian.tar.xz
d1a3dea7faa0a6951e5562ab5a7fc447d76d3884756aa072482b89b2ed4f1068 6071 freerdp3_3.24.2+dfsg-1_source.buildinfo
Files:
a5e5a6193df348b2a205636427ed7720 4652 x11 optional freerdp3_3.24.2+dfsg-1.dsc
a65744dc9e77df22b6113f4d34c3e697 5137920 x11 optional freerdp3_3.24.2+dfsg.orig.tar.xz
52006fe41cbb1af84b4bddbdc2d5026e 54176 x11 optional freerdp3_3.24.2+dfsg-1.debian.tar.xz
edf85b06b26a45b99f2674a87b388edd 6071 x11 optional freerdp3_3.24.2+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
wsG7BAEBCgBvBYJpxEXaCRCCqkokOx6UeEcUAAAAAAAeACBzYWx0QG5vdGF0aW9u
cy5zZXF1b2lhLXBncC5vcmd8mw4LFLrE22RI0VZ6EhPUzy97weFET0PZ7XWuUqsB
MxYhBGSqKrUx1WkDNmv++YKqSiQ7HpR4AAAbpxAAo/PUGI0k7hltw/V7LwqjNpTX
d/cZmaJ4KVvzC6U4pL9rx7NwXmiwAP7y7mav7zIp0LXMthZX9lBDmLvbbCu6YohV
6iAeuhpjsUn13GjKNV0PG9dtRdLbhEcx6JUGY56Z40/A4fv5Qh/4/KJYc2IqBmRp
QyRwC23SseOvbHil+LPmxmJA6Gok95DN0ek4yoC+wHnioqGjEQxKDdDXy5LfnFbH
MpODCSZJsfYmLwtHIlLtTxnf4WehzUAN3PoFPOTVk6tU2Rgm6gebWSRJx6+S2bkZ
hZPuQnUa3HLgUDW9PRghsrNZBilbQHzGlMxmep9ddCr6mGmTZe9CqEc7SYtg2ey7
RqAjOK8uRHiHwOi4GGTPF8+D8WdarLqwYg1O37C6xPGAY6wXELle/hL29Rd47NLf
Wz5HUbu6LwhynBaejz4WLalfOlojg9UE9jO639lObdROVVzCJ9vbEfsypPvzV64U
9K5HREippPl1YuFjn83yAPoBr/NCwxCwcEFT4ddCeQLU1Zb3JBxjezwmZbqXYKTN
0mlhdabZ85FeAuTBv6+s+xsTO6iSC4DZiHvb7t1t2Y9O6SecMWfypCmjHmKAuP81
gHbI7xfYsUXdPBdFzM0OXt9Pezek1LX4h/3DmGEjX+a5aEGOFLAwauyPFEl9mwsV
XxPBk4HDzJDOrGSzUj8=
=sqfk
-----END PGP SIGNATURE-----
