freerdp2 (2.9.0+dfsg1-1) [PTS] [DDPO]

OK: VCS matches the version in the archive

Git: https://salsa.debian.org/debian-remote-team/freerdp2.git
JSON
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: master
Path: debian/changelog
Repo size: 20475904
Browser: https://salsa.debian.org/debian-remote-team/freerdp2
Last scan: 2023-02-05 07:45:03+00
Next scan: 2023-02-11 15:12:00+00
Merge requests: 2

Debian changelog in Git:

freerdp2 (2.9.0+dfsg1-1) unstable; urgency=medium

  * New upstream release. (Closes: #1024511).
    - CVE-2022-39316: Resolve out of bound read in ZGFX decoder component.
    - CVE-2022-39317: Resolve missing a range check for input offset index
      in ZGFX decoder.
    - CVE-2022-39318: Resolve missing input validation in `urbdrc` channel.
    - CVE-2022-39319: Resolve missing input length validation in the `urbdrc`
      channel
    - CVE-2022-39320: Resolve attempting integer addition on too narrow types
      leading to allocation of a buffer too small holding the data written.
    - CVE-2022-39347: Resolve missing path canonicalization and base path check
      for `drive` channel.
    - CVE-2022-41877: Resolv missing input length validation in `drive` channel.
    - Test if packages' executables can be run without 'undefined symbol:
      winpr_PathMakePath' error. (Closes: #1024758).
  * debian/copyright:
    + Update auto-generated copyright.in file.
    + Update copyright attributions.
  * debian/*.symbols:
    + Update .symbols files.

 -- Mike Gabriel <sunweaver@debian.org>  Mon, 28 Nov 2022 09:51:57 +0100

This branch is even with tag debian/2.9.0+dfsg1-1