-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 16 Jun 2026 09:02:32 +0300 Source: freerdp3 Architecture: source Version: 3.27.0+dfsg-1 Distribution: unstable Urgency: medium Maintainer: Debian Remote Maintainers <[email protected]> Changed-By: Michael Tokarev <[email protected]> Changes: freerdp3 (3.27.0+dfsg-1) unstable; urgency=medium . * a major feature/bugfix/cleanup upstream release, including: - TLS seclevel now defaults to 2 and a minimum of TLS 1.2 is required - Enhancements with Azure/Entra support - keyboard mapping - Allow RDPDR channel to pass additional arguments to the channel - Some client side statistics logging API was added - security fixes: - Heap-buffer-overflow write in TS Gateway RPC RESPONSE reassembly due to alloc_hint capacity mismatch https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9gxm-3mf5-f5cx - Heap-buffer-overflow write in TS Gateway RPC fragment receive due to uncapped bind_ack max_xmit_frag https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-7rp4-66mc-j9vx - Out-of-bounds read in H.264 YUV-to-RGB conversion due to decoder/surface dimension mismatch https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3mmf-qh4f-frm6 - Heap-buffer-overflow write in AVC444 YUV buffer allocation https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-vx73-w5q6-7jqr - integer Overflow in `freerdp_image_copy_from_icon_data` Bypasses Bounds Check https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-5c5v-f78v-h2f6 * add new symbols to: libfreerdp, libfreerdp-client, libfreerdp-server-proxy, libwinpr * Revert "d/rules: -DWITH_INTERNAL_MD4=ON, due to libssl/libcrypto does not provide it (anymore?)" -- this was an issue in freerdp, now fixed * update previous changelog entry to include mentions of security fixes Checksums-Sha1: dc914110a8c09a474e98aeed995cb86c6c27bcb8 4559 freerdp3_3.27.0+dfsg-1.dsc 8b4178820838c1c8893c9e8fb7bdccd831e4a263 5194204 freerdp3_3.27.0+dfsg.orig.tar.xz c64c4873911d5cea1d6ddb4a4e94c580af83e6af 55340 freerdp3_3.27.0+dfsg-1.debian.tar.xz 3086962aa315be266c92b476b6690eee6b4b9cd3 6089 freerdp3_3.27.0+dfsg-1_source.buildinfo Checksums-Sha256: 33102a5dc65977902fd07b987cf9afc3dfdeb9a56cdb1fea231187142a28534d 4559 freerdp3_3.27.0+dfsg-1.dsc 4fd5a8b0f81070d4b61dadd23b35dc46c1b45c37b22a374fbf3358038135932c 5194204 freerdp3_3.27.0+dfsg.orig.tar.xz 530ab244d2482819be57248a1a68d2a088e32d0a168b8005a838d5624285609f 55340 freerdp3_3.27.0+dfsg-1.debian.tar.xz 39862820672173e73f425efd4df33c55a8dcf1a8be0585a7a3e5893ac7c5b3dc 6089 freerdp3_3.27.0+dfsg-1_source.buildinfo Files: 185e53f7b053aecdfcd53f37bf3a9f3d 4559 x11 optional freerdp3_3.27.0+dfsg-1.dsc 541d9f0d6725ff42c5b3294d3ea60120 5194204 x11 optional freerdp3_3.27.0+dfsg.orig.tar.xz 28a362a8dc4965964a264073fc92ad51 55340 x11 optional freerdp3_3.27.0+dfsg-1.debian.tar.xz c980fad36c0e1c5fb96f99a7c173208f 6089 x11 optional freerdp3_3.27.0+dfsg-1_source.buildinfo
-----BEGIN PGP SIGNATURE----- wsG7BAEBCgBvBYJqMOc4CRCCqkokOx6UeEcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmdwa/g5byU5Eg3S3vGcbOSsWn9kWkRPPoVM0LZf4RIf lRYhBGSqKrUx1WkDNmv++YKqSiQ7HpR4AAB1qxAAwQ/OJHiiYBaqGvb9c4hZZRDP 8W0Lb+6sms4fkS2qQEE/pE2GMkYjF2cZ7xw4EnbfNKp1+rgUeeB5vVMeSe0NXJxS WoVO+4c7gNzGP1YFy4mMhE7yaE9qIc0P66J4r5scVexFyPc/DLKNhbQvjjSZv/Ub VzPG70w59ZmUaV+UNbusSwWrGZ1hL0VZXk40sBbx/v0YYkwPCZIkd2ETW7md4kch aAC67B2SYHrVwrejfd6Fw5KNFrpN+U8s1EWGyIQqTCRPxEfT2BnC7+ZfYYbE6n65 WBvLVxyT5uu02yBzPBtX4lL52v23w4bSBjLokIJgfJcp/aIaifvM016JY2HSXerD mEuE5KbmD+g1/9dw9bPzHoT8AANO7yIwyADTkBc8Ezx0A2RpnvbBygidO9ttHdUq ofLfCcgVgORzR8U1j5B5ZbdtC9RTsi85twTT7XTU8BqKvFMqwHWb0SkEsPjMwbAE 43xVonJele1IazYgAoWDNFpsy+z4i5xqbE1Mxi9e1/6sqTVZTk1Z8JAdR464nZr3 dbR0ghvtLe3BlY+jvr3l5iBrZiFYpFpdiXu8fzUI7EJE7b18p3sn1n/2cBCCCtH0 KdXO0XS6UB9DIv2kH2etmLO2X95aVWS8CqWNEqxAxaSKlnSEVlDGhjYbmmd/0UPk so5Y14woj3rKSqINy+0= =nx60 -----END PGP SIGNATURE-----
pgp37A3vwhExh.pgp
Description: PGP signature
