Bug#1054915: marked as done (bookworm-pu: package freerdp2/2.11.7+dfsg1-6~deb12u1)

Sat, 10 Jan 2026 04:07:41 -0800 

Your message dated Sat, 10 Jan 2026 11:59:45 +0000
with message-id <[email protected]>
and subject line Released with 12.13
has caused the Debian Bug report #1054915,
regarding bookworm-pu: package freerdp2/2.11.7+dfsg1-6~deb12u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1054915: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054915
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: bookworm
User: [email protected]
Usertags: pu
X-Debbugs-Cc: [email protected], [email protected]
Control: affects -1 + src:freerdp2

I'm asking for pre-approval to update freerdp2 from 2.10.0 to 
2.11.2.

The changes from 2.10.0 to 2.11.2 are mainly targeting security
fixes (12 CVE's, see security tracker [1] for details),

[1] https://security-tracker.debian.org/tracker/source-package/freerdp2

upstream changelog is at
https://github.com/FreeRDP/FreeRDP/blob/stable-2.0/ChangeLog
all commits are:
https://github.com/FreeRDP/FreeRDP/compare/2.10.0...2.11.2

When working on the LTS updates, I've been in contact in contact with the
maintainer and one of the upstream maintainer and checked with them
about feasbility and e.g confirmed that the new upstream version is ABI
compatible. I've tested reverse dependencies (remmina, vinagre,
gnome-connections) against a Windows 10 RDP host and confirmed packages
are still working. 

Backporting the fixes is of course possible, but bears a significant
risk for regression, therefor I would prefer to use the new upstream
version, given also that upstream changes are only a few and fixing
also a few bugs that would be nice to be fixed.

As far as I understood it, the maintainers would also prefer the new
version over patching the one in stable. (They are in CC, so can
intervene if I got that wrong…)

If this is a viable route, please let me know and I will prepare a
debdiff for a the real approval.

-- 
Cheers,
tobi

--- End Message ---
--- Begin Message --- 
Package: release.debian.org\nVersion: 12.13\n\nThis update has been released as 
part of Debian 12.13.

--- End Message ---

Reply via email to