Hi Michael, On Fri, Apr 03, 2026 at 06:55:27PM +0300, Michael Tokarev wrote: > On Sat, 28 Mar 2026 21:07:22 +0300 Michael Tokarev <[email protected]> wrote: > > On 28.03.2026 19:07, Jonathan Wiltshire wrote: > > > Control: tag -1 confirmed > > > > Hi, > > > > I am fine with everything you propose. Please go ahead. > > > > Thank you! Uploaded. > > > > Please note: there's another 2 batches of CVE fixes in 3.24.0 and 3.24.2 > > versions of freerdp, which are not included in this upload, - I'll > > prepare another one, hopefully anyway. > Hi! > > I updated the package to include more security fixes from the upstream, > as has been mentioned earlier. > > Debdiff against the previous upload is below, version > 3.15.0+dfsg-2.1+deb13u2 > > I dunno if it is better to combine it this with the previous upload or > to have 2 different uploads like it is now - I'm okay either way, just > tell me how it is easier for you. I probably should update subject to > reflect the version, if it should be new version. > > As before, this release is verified just by using the tools provided, - > which had me to pick a few more fixes so it works correctly. So it'd > be better if this upload be available in trixie-proposed-updates for a > while before becoming an official part of debian trixie.
I'm not a SRM, so do not take this as an authoritative answer. But my gut feeling here is as follows: The earlier change was acked and requested to be uploaded, which you did, while it yet still in freerdp3 | 3.15.0+dfsg-2.1+deb13u1 | stable-new | source I would actually decouple the new followup update with a new bugreport and leaving this one for 3.15.0+dfsg-2+deb13u1. So open a new one to build on top 3.15.0+dfsg-2+deb13u2. But again, I'm not authoritatively speaking here. Regards, Salvatore
