| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: freerdp2-proxy | Distribution: openSUSE Tumbleweed |
| Version: 2.11.7 | Vendor: openSUSE |
| Release: 7.1 | Build date: Tue Mar 31 16:48:46 2026 |
| Group: Productivity/Networking/Other | Build host: reproducible |
| Size: 104720 | Source RPM: freerdp2-2.11.7-7.1.src.rpm |
| Packager: https://bugs.opensuse.org | |
| Url: https://www.freerdp.com/ | |
| Summary: Remote Desktop Security and Monitorig Proxy Server | |
This package contains a proxy that allows to select specific features and channels allowed for all connections passing through. It allows monitoring of the running sessions.
Apache-2.0
* Tue Mar 31 2026 Michael Gorse <mgorse@suse.com>
- Fix freerdp-CVE-2026-24684-2.patch. The previous version wrongly
deleted a check for an error condition (bsc#1257991).
* Thu Mar 26 2026 Yifan Jiang <yfjiang@suse.com>
- Add patches to fix CVE issues:
+ freerdp-CVE-2026-26271.patch (CVE-2026-26271, bsc#1258979)
+ freerdp-CVE-2026-26955.patch (CVE-2026-26955, bsc#1258982)
+ freerdp-CVE-2026-26965.patch (CVE-2026-26965, bsc#1258985)
+ freerdp-CVE-2026-31806.patch (CVE-2026-31806, bsc#1259653)
+ freerdp-CVE-2026-31883_31885.patch (CVE-2026-31883,
CVE-2026-31885, bsc#1259679 bsc#1259686)
* Wed Mar 11 2026 jjindrak@suse.com
- Fix for SG#71728, bsc#1259251:
* freerdp-CVE-2026-24491.patch: Fix use-after-free that was
accidentally introduced in the backport.
* Thu Feb 26 2026 Yifan Jiang <yfjiang@suse.com>
- Add patches to fix CVE issues:
+ freerdp-3-macro.patch
+ freerdp-CVE-2026-22855.patch (CVE-2026-22855, bsc#1256721)
+ freerdp-CVE-2026-22857.patch (CVE-2026-22857, bsc#1256723)
+ freerdp-CVE-2026-23533.patch (CVE-2026-23533, bsc#1256943)
+ freerdp-CVE-2026-23732.patch (CVE-2026-23732, bsc#1256945)
+ freerdp-CVE-2026-23883.patch (CVE-2026-23883, bsc#1256946)
+ freerdp-CVE-2026-23884.patch (CVE-2026-23884, bsc#1256947)
* Wed Feb 18 2026 Michael Gorse <mgorse@suse.com>
- Add more CVE fixes:
+ freerdp-CVE-2026-24491.patch (CVE-2026-24491, bsc#1257981)
+ freerdp-CVE-2026-24675.patch (CVE-2026-24675, bsc#1257982)
+ freerdp-CVE-2026-24676.patch (CVE-2026-24676, bsc#1257983)
+ freerdp-CVE-2026-24679.patch (CVE-2026-24679, bsc#1257986)
+ freerdp-CVE-2026-24681.patch (CVE-2026-24681, bsc#1257988)
+ freerdp-CVE-2026-24682.patch (CVE-2026-24682, bsc#1257989)
+ freerdp-CVE-2026-24683.patch (CVE-2026-24683, bsc#1257990)
+ freerdp-CVE-2026-24684.patch (CVE-2026-24684, bsc#1257991)
+ freerdp-CVE-2026-24684-2.patch (CVE-2026-24684, bsc#1257991)
* Fri Feb 06 2026 Yifan Jiang <yfjiang@suse.com>
- Add patches to fix CVE issues:
+ freerdp-CVE-2026-22852.patch (CVE-2026-22852, bsc#1256718)
+ freerdp-CVE-2026-22854.patch (CVE-2026-22854, bsc#1256720)
+ freerdp-CVE-2026-22856.patch (CVE-2026-22856, bsc#1256722)
+ freerdp-CVE-2026-22859.patch (CVE-2026-22859, bsc#1256725)
+ freerdp-CVE-2026-23530.patch (CVE-2026-23530, bsc#1256940)
+ freerdp-CVE-2026-23531.patch (CVE-2026-23531, bsc#1256941)
+ freerdp-CVE-2026-23532.patch (CVE-2026-23532, bsc#1256942)
+ freerdp-CVE-2026-23534.patch (CVE-2026-23534, bsc#1256944)
* Fri Oct 24 2025 Yifan Jiang <yfjiang@suse.com>
- Update 0001-Fix-build-with-ffmpeg-7.patch: fix build issue in
h264_ffmpeg.c.
* Sat Oct 05 2024 Christophe Marin <christophe@krop.fr>
- Add upstream fixes (picked from Debian) (boo#1231317)
* 0001-info-Fix-incompatible-pointer-type.patch
* 0002-redirection-Fix-incompatible-pointer-type.patch
* 0003-redirection-Fix-incompatible-pointer-type.patch
* 0004-X11-fix-pointer-integer-type-mismatch.patch
* 0005-client-wayland-fix-const-correctness.patch
* 0006-warnings-fix-Wincompatible-pointer-types.patch
* 0007-server-proxy-deactivate-capture-module.patch
* 0001-Fix-build-with-ffmpeg-7.patch
* Mon Jun 03 2024 Hans-Peter Jansen <hpj@urpla.net>
- Update to 2.11.7
+ Backported oss-fuzz fixes
- Update to 2.11.6
+ CVE:
* CVE-2024-32041 [Low[ OutOfBound Read in
zgfx_decompress_segment
* CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write
in clear_decompress_residual_data
* CVE-2024-32040 [Low] integer underflow in nsc_rle_decode
* CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle
* CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress
* CVE-2024-32460 [Low] OutOfBound Read in
interleaved_decompress
+ Noteworthy changes:
* Backported #10077
- Remove these patches, applied upstream:
+ freerdp-CVE-2023-40574-to-2023-40576.patch
+ freerdp-CVE-2024-32658.patch
+ freerdp-CVE-2024-32659.patch
+ freerdp-CVE-2024-32660.patch
* Thu May 23 2024 Daike Yu <yu.daike@suse.com>
- Multiple CVE fixes
+ Add freerdp-CVE-2024-32659.patch (bsc#1223346, CVE-2024-32659)
- out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`
+ Add freerdp-CVE-2024-32660.patch (bsc#1223347, CVE-2024-32660)
- client crash via invalid huge allocation size
+ Add freerdp-CVE-2024-32661.patch (bsc#1223348, CVE-2024-32661)
- client NULL pointer dereference
+ Add freerdp-CVE-2024-32658.patch (bsc#1223353, CVE-2024-32658)
- out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients
* Wed Apr 10 2024 Hans-Peter Jansen <hpj@urpla.net>
- Add xfreerdp binary/man builds back with new name: xfreerdp2
* Tue Apr 09 2024 Christophe Marin <christophe@krop.fr>
- Add patch to avoid unneeded dependencies when using winpr-devel:
* 0001-Don-t-add-winpr-cli-tools-to-exported-CMake-targets.patch
* Tue Apr 02 2024 Joan Torres <joan.torres@suse.com>
- Update Source0 URL to make it valid with the actual Source0.
* Tue Mar 26 2024 Joan Torres <joan.torres@suse.com>
- Fix file conflict of wlog.7 with freerdp3
* Thu Mar 14 2024 Joan Torres <joan.torres@suse.com>
- Update to version 2.11.5:
* Fix integer overflow in progressive decoder (bsc#1219049, CVE-2024-22211)
* Update OpenSSL API usage for compatiblility with newer versions (#9747)
* Prevent NULL dereference for single thread decoder (#9712)
* Thu Mar 14 2024 Joan Torres <joan.torres@suse.com>
- Modify package names to freerdp2:
* This allows to have a freerdp version 2 and freerdp version 3
simultaneously installed
* Tue Feb 06 2024 Daike Yu <yu.daike@suse.com>
- Add freerdp-CVE-2023-40574-to-2023-40576.patch
* Fix CVE-2023-40574 - bsc#1214869
Out-Of-Bounds Write in general_YUV444ToRGB_8u_P3AC4R_BGRX
* Fix CVE-2023-40575 - bsc#1214870
Out-Of-Bounds Read in general_YUV444ToRGB_8u_P3AC4R_BGRX
* Fix CVE-2023-40576 - bsc#1214871
Out-Of-Bounds Read in RleDecompress
* Thu Nov 16 2023 Christophe Marin <christophe@krop.fr>
- Fix winpr-devel dependencies. WinePRTargets-*.cmake defines
CMake targets for winpr-hash and winpr-makecert. They have to be
present.
* Fri Oct 20 2023 Adriankhl <dlshcbmuipmam@hotmail.com>
- Update to 2.11.2
* Backported #9356: Fix issues with order updates
* Backported #9378: backported wArrayList (optional) copy on insert
* Backported #9360: backported certificate algorithm detection
* Wed Aug 30 2023 Christophe Marin <christophe@krop.fr>
- Update to 2.11.0
* Various input validation fixes
* Added various CMake options #9317
* LibreSSL build fixes #8709
* Big endian support
* Mouse grabbing support
* wayland scrolling fix
* Update h264 to use new FFMPEG API
* early bail from update_read_window_state_order breaks protocol
* rdpecam/server: Remove wrong assertion
* bounds checks for gdi/gfx rectangles
* enforce rdpdr client side state checks
* deactivate mouse grabbing by default
* channels/cliprdr: Fix writing incorrect PDU type for unlock
PDUs
* Fix CVE-2023-39350 - boo#1214856
incorrect offset calculation leading to DoS
* Fix CVE-2023-39351 - boo#1214857
Null Pointer Dereference leading DoS in RemoteFX
* Fix CVE-2023-39352 - boo#1214858
Invalid offset validation leading to Out Of Bound Write
* Fix CVE-2023-39353 - boo#1214859
Missing offset validation leading to Out Of Bound Read
* Fix CVE-2023-39354 - boo#1214860
Out-Of-Bounds Read in nsc_rle_decompress_data
* Fix CVE-2023-39356 - boo#1214862
Missing offset validation leading to Out-of-Bounds Read in gdi_multi_opaque_rect
* Fix CVE-2023-40181 - boo#1214863
Integer-Underflow leading to Out-Of-Bound Read in zgfx_decompress_segment
* Fix CVE-2023-40186 - boo#1214864
IntegerOverflow leading to Out-Of-Bound Write Vulnerability in gdi_CreateSurface
* Fix CVE-2023-40188 - boo#1214866
Out-Of-Bounds Read in general_LumaToYUV444
* Fix CVE-2023-40567 - boo#1214867
Out-Of-Bounds Write in clear_decompress_bands_data
* Fix CVE-2023-40569 - boo#1214868
Out-Of-Bounds Write in progressive_decompress
* Fix CVE-2023-40589 - boo#1214872
Global-Buffer-Overflow in ncrush_decompress
- Drop patch, now upstream:
* Update_h264_to_use_new_FFMPEG_API.patch
* Wed May 31 2023 Andreas Schwab <schwab@suse.de>
- Don't compile shared objects with -fPIE and use -pie only for executables
- Reenable LTO on ARM
* Mon Apr 24 2023 Bjørn Lie <bjorn.lie@gmail.com>
- Add Update_h264_to_use_new_FFMPEG_API.patch: Update h264 to use
new FFMPEG API.
* Thu Feb 16 2023 Hans-Peter Jansen <hpj@urpla.net>
- Ugraded to freerdp 2.10.0
* Fix android build scripts, use CMake from SDK
* Fix connection negotiation with mstsc/msrdc #8426
* [ntlm]: use rfc5929 binding hash algorithm #8430
* [channels,printer] Fixed reference counting #8433
* Fix uwac pixman #8439
* Fix Rdp security #8457
* [client,x11] Detect key autorepeat #8522
* [build] add channel path to RPATH #8551
* Fix build with BUILTIN_CHANNELS=OFF #8560
* revert changes so that the osmajortype/osminortype is not
overwritten #8571
* [uwac] do not use iso C functions #8604
* [winpr,sam] fix inalid NULL arguments #8605
* Fix incompatible function pointer types #8625
* Fixed issues:
* Backported #8581: Ignore data PDUs for DVCs that were not
opened successfully
* Backported #8498: [channel,urbdrc] fix type of usb hotplug
callback
* Backported #8537: Extended info enforce limits
* Backported #8611: [core] add missing redirection fields
- Patches removed, that were accepted upstream
+ freerdp-builtin-channels-off-link-fix.diff
+ freerdp-fix-rpath-settings.diff
/usr/bin/freerdp2-proxy
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri Apr 17 22:31:14 2026