-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 26 May 2025 14:38:19 +0200
Source: freerdp3
Architecture: source
Version: 3.15.0+dfsg-2.1
Distribution: unstable
Urgency: medium
Maintainer: Debian Remote Maintainers <debian-rem...@lists.debian.org>
Changed-By: Daniel Baumann <dan...@debian.org>
Closes: 1105917
Changes:
freerdp3 (3.15.0+dfsg-2.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Cherry-picking patch from upstream:
- A flaw was found where a crafted RDP packet could trigger a segmentation
fault. This causes FreeRDP to crash and remain defunct, resulting in a
denial of service. Initializing function pointers in transport.c after
resource allocation fixes this [CVE-2025-4478] (Closes: #1105917).
Checksums-Sha1:
4730635957760e4a3459f5abbca77875a184a4dc 3507 freerdp3_3.15.0+dfsg-2.1.dsc
49f8f85ed62fe13cd14aa8a0dfa8646a72b4c6cb 57368
freerdp3_3.15.0+dfsg-2.1.debian.tar.xz
6f9134ee122c9f3321b5f57954326ecf450a4c2f 26210
freerdp3_3.15.0+dfsg-2.1_amd64.buildinfo
Checksums-Sha256:
2c4f8257491193f4a54b4a865e019cb4ca7c4d644b9e94d5d26f6391b7846a0d 3507
freerdp3_3.15.0+dfsg-2.1.dsc
dfda6d020a9b6bfb4812e354c31f1de694c33284d8bbea4ec7c0b878b66fa5c7 57368
freerdp3_3.15.0+dfsg-2.1.debian.tar.xz
44306448b8b7bca22ebe85c40cb3f9f330701c7d2bf9a882e336cc2f52dcfe09 26210
freerdp3_3.15.0+dfsg-2.1_amd64.buildinfo
Files:
ceaaa41b5faf986abc2b8031e5881b83 3507 x11 optional freerdp3_3.15.0+dfsg-2.1.dsc
253871191f2d69b0a6c5ae709f1883fe 57368 x11 optional
freerdp3_3.15.0+dfsg-2.1.debian.tar.xz
e623d245ef209bd95fd29e5f733be768 26210 x11 optional
freerdp3_3.15.0+dfsg-2.1_amd64.buildinfo-----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQQmmGg4gLaoSj0ERgL7tPDoCoAiLwUCaDRiOgAKCRD7tPDoCoAi L+ORAQDHJSdlhyaihlKF/mWqLYBWab/iCO038MWmRqwsdFS2UwD/fI5vBARQ43mm vpFHlkfY2NF0U5ZzU9PledR5OOn9wAk= =1Ka7 -----END PGP SIGNATURE-----
pgpB2eDOr0ghn.pgp
Description: PGP signature
