freerdp2 (2.9.0+dfsg1-1)
[PTS] [DDPO]
OK: VCS matches the version in the archive
- Git: https://salsa.debian.org/debian-remote-team/freerdp2.git
-
- Branch: master
- Path: debian/changelog
- Repo size: 20475904
- Browser: https://salsa.debian.org/debian-remote-team/freerdp2
- Last scan: 2023-02-05 07:45:03+00
- Next scan: 2023-02-11 15:12:00+00
- Merge requests: 2
- Debian changelog in Git:
freerdp2 (2.9.0+dfsg1-1) unstable; urgency=medium
* New upstream release. (Closes: #1024511).
- CVE-2022-39316: Resolve out of bound read in ZGFX decoder component.
- CVE-2022-39317: Resolve missing a range check for input offset index
in ZGFX decoder.
- CVE-2022-39318: Resolve missing input validation in `urbdrc` channel.
- CVE-2022-39319: Resolve missing input length validation in the `urbdrc`
channel
- CVE-2022-39320: Resolve attempting integer addition on too narrow types
leading to allocation of a buffer too small holding the data written.
- CVE-2022-39347: Resolve missing path canonicalization and base path check
for `drive` channel.
- CVE-2022-41877: Resolv missing input length validation in `drive` channel.
- Test if packages' executables can be run without 'undefined symbol:
winpr_PathMakePath' error. (Closes: #1024758).
* debian/copyright:
+ Update auto-generated copyright.in file.
+ Update copyright attributions.
* debian/*.symbols:
+ Update .symbols files.
-- Mike Gabriel <sunweaver@debian.org> Mon, 28 Nov 2022 09:51:57 +0100
- This branch is even with tag debian/2.9.0+dfsg1-1