Back to freerdp2 PTS page

Accepted freerdp2 2.11.2+dfsg1-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted freerdp2 2.11.2+dfsg1-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 01 Oct 2023 22:08:01 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: freerdp2_2.11.2+dfsg1-1_source.changes
Debian-source: freerdp2
Debian-suite: unstable
Debian-version: 2.11.2+dfsg1-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=aSaQFdfObGOolz/qMkwLlezcBlMus17SWxzEtpQ8qGM=; b=tVbVxzBUrVTbbVyKAK44eAKwMO 30wPbNBLK9qlz3ozANLYL1MaXMOsc6hgNjfnBLcoUtkX6qTxYDElXZYt2wy2kl99W9fIKasyZ+QuR QqBA9c4NIErzzBPegxtHgpxlFvN9kSpLocc1QpReH1h1oY/gSh857dg5CEHHmBtWup5+zuidWtNTK Ej0HLs10T/vIEyrXb+J944FYH0aIr8sf8c7/9s3jOj7fgXEYDzmhuFHuRwbW2KqS7SqqVEQSYq0GQ 0785gZ2EDlM5spHEFT8mwGhdN1Y+4ewBmYY1rCZ/VDKZd1d/HiNq8lefVLy/BGdpzbGo/txpyLqLX DiBYMelQ==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1qn4bZ-001Yrk-GG@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 01 Oct 2023 23:21:15 +0200
Source: freerdp2
Architecture: source
Version: 2.11.2+dfsg1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-remote@lists.debian.org>
Changed-By: Mike Gabriel <sunweaver@debian.org>
Closes: 1036095 1051638 1053317
Changes:
 freerdp2 (2.11.2+dfsg1-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #1051638).
   * Fixed security issues since v2.11.0:
     - CVE-2023-40589: [codec,ncrush] fix index checks properly verify all
       offsets while decoding data.
     - CVE-2023-40567: Fix out-of-bounds write in the
       `clear_decompress_bands_data` function.
     - CVE-2023-40188: Fix out-of-bounds read in the `general_LumaToYUV444`
       function.
     - CVE-2023-40186: Fix out-of-bounds write in the `gdi_CreateSurface`
       function.
     - CVE-2023-40181: Fix out-of-bounds read in the `zgfx_decompress_segment`
       function.
     - CVE-2023-39356: Fix out-of-bounds read in the `gdi_multi_opaque_rect`
       function.
     - CVE-2023-39355: Fix use-after-free in processing
       `RDPGFX_CMDID_RESETGRAPHICS` packets.
     - CVE-2023-39354: Fix out-of-bounds read in the `nsc_rle_decompress_data`
       function.
     - CVE-2023-39353: Fix missing offset validation leading to out-of-bounds
       read in the `libfreerdp/codec/rfx.c` file.
     - CVE-2023-39352: Fix invalid offset validation leading to out-of-bounds
       write.
     - CVE-2023-39351: Fix null-pointer-dereference leading a crash in the
       RemoteFX (rfx) handling.
     - CVE-2023-39350: Fix integer underflow leading to DOS (e.g. abort due to
       `WINPR_ASSERT` with default compilation flags).
   * debian/patches:
     + Drop 0001_fix_ftbfs_1041377.patch. Applied upstream.
   * debian/control:
     + Add B-D: libkrb5-dev.
   * debian/rules:
     + Add -DWITH_KERBEROS=ON configure option. (Closes: #1036095).
   * debian/watch:
     + Rework file. Find all released versions of freerdp2. (Closes: #1053317).
       Thanks to Tobias Frost for sending a patch.
Checksums-Sha1:
 5149ac5e5a560614408c8664f06d2d7bf3b5ecf3 3518 freerdp2_2.11.2+dfsg1-1.dsc
 262a5ff14bf3e2a03b2529c9d5962414554c288c 2268824 freerdp2_2.11.2+dfsg1.orig.tar.xz
 59e18560fd7f0c18cb0fdcb3cdd472cfb0d88c60 44784 freerdp2_2.11.2+dfsg1-1.debian.tar.xz
 ac1775c2c450bd7d609ed44f055ec8b965d272b0 14370 freerdp2_2.11.2+dfsg1-1_source.buildinfo
Checksums-Sha256:
 053344e6b3ef782e3dd7364aed3a0e6e8004dbd6a04efbcf30ca1fa17d1ddbe1 3518 freerdp2_2.11.2+dfsg1-1.dsc
 fbe63d87fc728af1465ecbf9db9769fc5c735855773d041d4f288d79e5063a6b 2268824 freerdp2_2.11.2+dfsg1.orig.tar.xz
 a048fe57385f3c67d25cecf0cb70332e73677623a95a5a6ce5f83fd2aecdea7b 44784 freerdp2_2.11.2+dfsg1-1.debian.tar.xz
 36f7196a2517701ba7353291cbba7ba29d0be70a5eec9101c42c4a1302ebecf4 14370 freerdp2_2.11.2+dfsg1-1_source.buildinfo
Files:
 fd1e9a065660ff59a78afa0ff2315827 3518 x11 optional freerdp2_2.11.2+dfsg1-1.dsc
 874258578f462c51cc87959df65c4758 2268824 x11 optional freerdp2_2.11.2+dfsg1.orig.tar.xz
 c7f678153546331cefc46912b638a15c 44784 x11 optional freerdp2_2.11.2+dfsg1-1.debian.tar.xz
 4ada004ba337bf63cca4fe7d27b2c91b 14370 x11 optional freerdp2_2.11.2+dfsg1-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmUZ6g8VHHN1bndlYXZl
ckBkZWJpYW4ub3JnAAoJEJr0azAldxsx3b0P/As6OfaeBmX9z5T7v7nHdNqta9eJ
MAfjFhER2bI0yVaQ3qEPHe6Y5opNBQ1+luoGSHve7CkaBy+6K2BCzNbjlOZXKJdY
/iJ9jO3v6z179gxukJJ/cQvzRrjH9zioFjaYhgMUu4pKJnATuQYge2OmMiqoqyyW
9apumT5X+jQF4A5O2S4NxjUuPBV+tYdAIcdKTBtK3cXgSJBNpziRd/8CTYKV77Lz
XzAtmFsh2R/+dNYGAMaN1poH8WZvSE13REETIcA0zTeKbohvZYe/tGZvWC9Uiq0b
X0j2WAEZnvogFu1Xr2wKqV0BbFlMLja0ri+CEZBwKyV4eBMFb3c4uoxHG+Yp9rfJ
334pAAZ1yFHJ4HsQror4HHS+pUqQ/Gi0pA9iXSVBHEPpQWNIgXMmqFqK0DjbW3j6
5nSwDeYnSuXWkRMFIZj3hWpgXux/kIlp11Glu2Kf96sgPXCihtfXa8flRT2FE2ZL
jOlgEgU8V0k1yrGPl68ro0p3v81pTcDPkC9BCyRbjM0btAckhawRKErzBG3puH77
WxkqSHn0p0gec7i60/UYcpini98ahsOOLbsFC/+4BcWaMda2kEqb4EW3PDR1YzoR
ggkBacnRcHKfd+EHDV59fxE5PQwnFDNcmYtZgBDuFwOJrEEKta/PP6HqHTAEFYEr
thSXlq+xZqzQ6Luy
=K8zI
-----END PGP SIGNATURE-----