[ubuntu/resolute-proposed] freerdp3 3.24.2+dfsg-1ubuntu1 (Accepted)
Sebastien Bacher
seb128 at ubuntu.com
Wed Apr 1 10:20:47 UTC 2026
freerdp3 (3.24.2+dfsg-1ubuntu1) resolute; urgency=medium
* Merge with Debian, remaining change
debian/tests/control: Depends on freerdp-x11 instead of @, which fixes
the i386 tests by not trying to install transitional binaries
freerdp3 (3.24.2+dfsg-1) unstable; urgency=medium
* new upstream bugfix/security release:
CVE-2026-31883 `size_t` underflow in ADPCM decoder leads
to heap-buffer-overflow write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-85x9-4xxp-xhm5
CVE-2026-31897 Out-of-bounds read in `freerdp_bitmap_decompress_planar`
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xgv6-r22m-7c9x
CVE-2026-33952 DoS via WINPR_ASSERT in rts_read_auth_verifier_no_checks
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4v4p-9v5x-hc93
CVE-2026-33977 DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8f2g-3q27-6xm5
CVE-2026-33995 double free in kerberos_AcceptSecurityContext
and kerberos_IntitalizeSecurityContextA
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mv25-f4p2-5mxx
CVE-2026-33984 ClearCodec resize_vbar_entry() Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8469-2xcx-frf6
CVE-2026-33983 Progressive Codec Quant BYTE Underflow - UB + CPU DoS
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4gfm-4p52-h478
CVE-2026-33985 ClearCodec Glyph Cache Count Desync - Heap OOB Read
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x6gr-8p7h-5h85
CVE-2026-33986 H.264 YUV Buffer Dimension Desync - Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h6qw-wxvm-hf97
CVE-2026-33987 Persistent Cache bmpSize Desync - Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ff8h-p5vc-wcwc
CVE-2026-33982 Persistent Cache Allocator Mismatch - Heap OOB Read
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jm9-2925-g4v2
Date: Wed, 01 Apr 2026 09:52:06 +0200
Changed-By: Sebastien Bacher <seb128 at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/freerdp3/3.24.2+dfsg-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 01 Apr 2026 09:52:06 +0200
Source: freerdp3
Built-For-Profiles: noudeb
Architecture: source
Version: 3.24.2+dfsg-1ubuntu1
Distribution: resolute
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Sebastien Bacher <seb128 at ubuntu.com>
Changes:
freerdp3 (3.24.2+dfsg-1ubuntu1) resolute; urgency=medium
.
* Merge with Debian, remaining change
debian/tests/control: Depends on freerdp-x11 instead of @, which fixes
the i386 tests by not trying to install transitional binaries
.
freerdp3 (3.24.2+dfsg-1) unstable; urgency=medium
.
* new upstream bugfix/security release:
CVE-2026-31883 `size_t` underflow in ADPCM decoder leads
to heap-buffer-overflow write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-85x9-4xxp-xhm5
CVE-2026-31897 Out-of-bounds read in `freerdp_bitmap_decompress_planar`
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-xgv6-r22m-7c9x
CVE-2026-33952 DoS via WINPR_ASSERT in rts_read_auth_verifier_no_checks
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4v4p-9v5x-hc93
CVE-2026-33977 DoS via WINPR_ASSERT in IMA ADPCM audio decoder (dsp.c:331)
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8f2g-3q27-6xm5
CVE-2026-33995 double free in kerberos_AcceptSecurityContext
and kerberos_IntitalizeSecurityContextA
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mv25-f4p2-5mxx
CVE-2026-33984 ClearCodec resize_vbar_entry() Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8469-2xcx-frf6
CVE-2026-33983 Progressive Codec Quant BYTE Underflow - UB + CPU DoS
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4gfm-4p52-h478
CVE-2026-33985 ClearCodec Glyph Cache Count Desync - Heap OOB Read
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-x6gr-8p7h-5h85
CVE-2026-33986 H.264 YUV Buffer Dimension Desync - Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-h6qw-wxvm-hf97
CVE-2026-33987 Persistent Cache bmpSize Desync - Heap OOB Write
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-ff8h-p5vc-wcwc
CVE-2026-33982 Persistent Cache Allocator Mismatch - Heap OOB Read
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-8jm9-2925-g4v2
Checksums-Sha1:
a7accf32f986842abd94a955555d0ac3f18a8480 4661 freerdp3_3.24.2+dfsg-1ubuntu1.dsc
42c72ae391f7e5365c9aa462dd592aa1373eface 5137920 freerdp3_3.24.2+dfsg.orig.tar.xz
0eafc6b1456773730676f47ba7f42f6c316f5c4c 54316 freerdp3_3.24.2+dfsg-1ubuntu1.debian.tar.xz
c1b856205d9759d18d75b0923bb5e9b31f6ae964 8258 freerdp3_3.24.2+dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
51612e5c24f24056a84cb53148e62fb2fb804a056b244cf5473c610e2dd1642b 4661 freerdp3_3.24.2+dfsg-1ubuntu1.dsc
aeafc1587dbce2698b97c0b2e1c7e29cd0211fa56a556068fd3eaf2faa7405f9 5137920 freerdp3_3.24.2+dfsg.orig.tar.xz
d3da3f99322016cabdd063d041c5d1313723363acef03753860c126d793cafaf 54316 freerdp3_3.24.2+dfsg-1ubuntu1.debian.tar.xz
f3a88ca865a6850bb1b9fbcda3ee78614c5caea29c5c0346e448ee88f837f6b3 8258 freerdp3_3.24.2+dfsg-1ubuntu1_source.buildinfo
Files:
5cfa3a77b0d5ea4324730ee14f086b21 4661 x11 optional freerdp3_3.24.2+dfsg-1ubuntu1.dsc
a65744dc9e77df22b6113f4d34c3e697 5137920 x11 optional freerdp3_3.24.2+dfsg.orig.tar.xz
fffe7f4c5699fbcef28925dd8f9c5196 54316 x11 optional freerdp3_3.24.2+dfsg-1ubuntu1.debian.tar.xz
905830c13f4866700306c3485abcbffa 8258 x11 optional freerdp3_3.24.2+dfsg-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Remote Maintainers <debian-remote at lists.debian.org>
More information about the Resolute-changes
mailing list