-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 13 Mar 2026 21:23:00 +0300 Source: freerdp3 Architecture: source Version: 3.24.0+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Remote Maintainers <[email protected]> Changed-By: Michael Tokarev <[email protected]> Changes: freerdp3 (3.24.0+dfsg-1) unstable; urgency=medium . * new upstream release, with enhancements, bugfixes, and more security fixes: CVE-2026-29774 Heap-buffer-overflow in avc420_yuv_to_rgb via OOB regionRects https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5q35-hv9x-7794 CVE-2026-29775 Heap-buffer-overflow in bitmap_cache_put via OOB cacheId https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h666-rfw3-jhvj CVE-2026-29776 Integer Underflow in update_read_cache_bitmap_order https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-c747-x4wf-cqrr CVE-2026-31806 (HIGH) Heap Buffer Overflow in nsc_process_message() via Unchecked SURFACE_BITS_COMMAND Bitmap Dimensions https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rrqm-46rj-cmx2 CVE-2026-31883 `size_t` underflow in ADPCM decoder leads to heap-buffer-overflow write https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-85x9-4xxp-xhm5 CVE-2026-31884 Division-by-zero in ADPCM decoders when `nBlockAlign` is 0 https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-jp7m-94ww-p56r CVE-2026-31885 Out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h23r-3988-3wf3 CVE-2026-31897 Out-of-bounds read in `freerdp_bitmap_decompress_planar` https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xgv6-r22m-7c9x * d/libfreerdp3-3.symbols,d/libwinpr3-3.symbols: add new symbols * d/libfreerdp-client3-3.symbols: REMOVE unused symbols add_device del_device msusb_* These are internal symbols which should not be used * d/control, d/rules: libfuse is linux-only Checksums-Sha1: a5ad1a2efeccc68681c1ffe82ab9c7a6eaa5a9d4 4652 freerdp3_3.24.0+dfsg-1.dsc 515090cef16331415a215dae97439e664b2f86df 5152868 freerdp3_3.24.0+dfsg.orig.tar.xz 60456697d7a4f0e9dfe6d749da65e0473757b1a0 53668 freerdp3_3.24.0+dfsg-1.debian.tar.xz 0c79d2ba23b9cce814f260aab416366f6d0ead7e 6063 freerdp3_3.24.0+dfsg-1_source.buildinfo Checksums-Sha256: 44f33137fa3fb02fb1fa732b24f290f4a280c61a26c2b9d9b23f451cd52c2f74 4652 freerdp3_3.24.0+dfsg-1.dsc 5148d1e13940af96027801bf2606650ce8a639b8b8f98c51f7cb8d1a64ed87e1 5152868 freerdp3_3.24.0+dfsg.orig.tar.xz f04b10c499f78996e16da9833a5f2e32720f3a3fb047b2b3acdd1cae825f2c10 53668 freerdp3_3.24.0+dfsg-1.debian.tar.xz 40611a9fc051609e08e0ef578e279f792ca915c46e615d3c28545d41b2cd08aa 6063 freerdp3_3.24.0+dfsg-1_source.buildinfo Files: e68a73196c890e190388a4543818e833 4652 x11 optional freerdp3_3.24.0+dfsg-1.dsc f4c2653942d3db270cbae7d8033e7ae6 5152868 x11 optional freerdp3_3.24.0+dfsg.orig.tar.xz db6583abcb74b8733df0b49c49734611 53668 x11 optional freerdp3_3.24.0+dfsg-1.debian.tar.xz a276cd15d1c74ad579fdafcfc81dafbe 6063 x11 optional freerdp3_3.24.0+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE----- wsG7BAEBCgBvBYJptFYaCRCCqkokOx6UeEcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcra007fXNfnx0sEVz4H/ejKs/AChvby7xoarOLp7j+ NhYhBGSqKrUx1WkDNmv++YKqSiQ7HpR4AAC9cxAAoFSW/I8biTzZWSzR4WeRcM5s yf6xXCCiXFozAX9z3Nu3SZmDjPmyHnwQs+fv8PURvE3w+aMldPI7DzLYwH944phs vNRLUbSkArHmJuuSNN3ahtwfrqUDzaEDmhzyWu7j+8fVU8oAoU4mCzlKI7sVo58u W0zRefVnMpknk9/pih2rW8vYkZebSObU6N85lo3xU/ZrPbrek+mgcDEI3fsNEn9K Wr7J8WQWvrESOyXuTXARypULtUCIrKKUFVM4gBF2w5Ev62WzRgQH3HmjoheCzTP/ fhYKkfq4RTzCE8MLmdoZmndF0obkjJtfaWDQ3d03YG3CO55wkBkBP592P0+9l2II pfNR3SbhyEhVmfH7XB3zRO3ULtZDQZZ1Bsf9jB2qNc1gfVJJM3aKY6JWc7dr20OU QXdzbWyTaSad9VObUIoPKfjO0+Amsc1ZG6SBQAN0xQ1lIXCLWPAJhmfMy4Ai7PB8 BhMF1Enb1Dz/Eh2mJVU88rPz/I/EfG+R0/jzRNEBCPF9XoGibpxtLiDXwCZTWM1B QeinoRbnd8NcMbZ2TwhAU7xvkOXomlajK3u11oYaGqCpRBolMwav0Hszdlllz+2F GQ8t8rPxAS3ePcPovvfaOi3VhpjW8G3np5PwWPNuTGwFTAgmsrZGjSe7pY+nLzPj /HFCKzehUgZbtg4Dd8c= =zdsa -----END PGP SIGNATURE-----
pgpmZSMxBhOnt.pgp
Description: PGP signature
