2.10.0

Notewhorth changes:

• Fix android build scripts, use CMake from SDK
• Fix connection negotiation with mstsc/msrdc #8426
• [ntlm]: use rfc5929 binding hash algorithm #8430
• [channels,printer] Fixed reference counting #8433
• Fix uwac pixman #8439
• Fix Rdp security #8457
• [client,x11] Detect key autorepeat #8522
• [build] add channel path to RPATH #8551
• Fix build with BUILTIN_CHANNELS=OFF #8560
• revert changes so that the osmajortype/osminortype is not overwritten #8571
• [uwac] do not use iso C functions #8604
• [winpr,sam] fix inalid NULL arguments #8605
• Fix incompatible function pointer types #8625

Fixed issues:

• Backported #8581: Ignore data PDUs for DVCs that were not opened successfully
• Backported #8498: [channel,urbdrc] fix type of usb hotplug callback
• Backported #8537: Extended info enforce limits
• Backported #8611: [core] add missing redirection fields

2.9.0

Notewhorth changes:

• Backported #8252: Support sending server redirection PDU
• Backported #8406: Ensure X11 client cursor is never smaller 1x1
• Backported #8403: Fixed multiple client side input validation issues
  (CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319,
  CVE-2022-39320, CVE-2022-41877, CVE-2022-39347)
• Backported #7282: Proxy server now discards input events sent before
  activation was received
• Backported #8324: Internal replacements for md4, md5 and hmac-md5
  For the time being the RDP protocol requires these outdated hash
  algorithms. So any distribution that wants to ship a working
  FreeRDP should check the options WITH_INTERNAL_MD4 (and depending
  on OpenSSL deprecation status WITH_INTERNAL_MD5)

Fixed issues:

• Backported #8341: Null checks in winpr_Digest_Free
• Backported #8335: Missing NULL return in winpr_Digest_New
• Backported #8192: Support for audin version 2 microphone channel
• Backported #7282: Discard input events before activation (Fixes #8374)

For a complete and detailed change log since the last release run:
git log 2.8.1..2.9.0

Thanks to "Team BT5 (BoB 11th)" for reporting the security issues.

2.8.1

Notewhorth changes:

• Fixed CVE-2022-39282
• Fixed CVE-2022-39283
• Added missing commit for backported #8041: Remove ALAW/ULAW codecs from linux backends (unreliable)
• Added hash checks for android build script dependencies

Fixed issues:

• #8190: Fix build break with newer FFMPEG versions
• #8234: Updated flatpak with build script
• #8210: Better execinfo support check for android
• #7708: Header now defines DumpThreadHandles
• #8176: Check fullscreen state and not setting
• #8236: Send resize on window state change
• #7611: Audin macOS monterey fix
• #8291: Android build script update
• Fix length checks and initialization in the deprecated (disabled per default) tsmf channel

Release 2.8.0

Noteworthy changes:

• Backported API to get peer accepted channel option flags
• Backported API to get peer accepted channel names
• Backported Stream_CheckAndLogRequiredLength
• Backported #7954: Add server side handling for [MS-RDPET]
• Backported #8010: Add server side handling for [MS-RDPECAM]
• Backported #8041: Remove ALAW/ULAW codecs from linux backends (unreliable)
• Backported #8051: Relieve CLIPRDR filename restriction when connecting to non-MS Windows servers
• Backported #8048: TLS version control
• Backported #7987: Add a new command line arg to enforce tls1.2

Fixed issues:

• Fixed #7837: Prevent out of bound reads for FFMPEG
• Backported #7859 and #7861: Unwind support for backtrace generation
• Backported #7440: wlfreerdp appid
• Backported #7832: RAIL window restore
• Backported #7833: Refactored WinPR thread locking
• Backported #7893: Mac rdpsnd memory leak fixes
• Backported #7895: Mac audin memory leak fixes
• Backported #7898: Automatic android versioning
• Backported #7916: GFX 10.7 capability support
• Backported #7949: Server RDPSND API improvements
• Backported #7957: Server DVC API improvements
• Backported #7760: Fixed osMinorType values
• Backported #8013: Add missing osMajorType values
• Backported #8076: Fix wrong usage of subband diffing flag (tile artifact fix)

Release 2.7.0

Noteworthy changes:

• Backported OpenSSL3 gateway support (#7822)
• Backported various NTLM fixes
• Backported WINPR_ASSERT to ease future backports

Fixed issues:

• Backported #6786: Use /network:auto by default
• Backported #7714: Workaround for broken surface frame marker
• Backported #7733: Support 10bit X11 color (BGRX32 only)
• Backported #7745: GFX progressive double free
• Backported #7808: Disable websockets with /gt:rpc
• Backported #7815: RAIL expect LOGON_MSG_SESSION_CONTINUE

Release 2.6.1

Noteworthy changes:

• Decreased logging verbosity, now freerdp is much less verbose by default

Fixed issues:

• Backported freerdp_abort_connect during freerdp_connect fix (#7700)
• Backported improved version dection see docs/version_detection.md for details
• Backported various rdpsnd fixes (#7695)

Release 2.6.0

2.6.0 is an maintenance and security release.

Noteworthy changes:

• Backported android FFMPEG build scripts
• Updated android build dependencies
• Backported AINPUT channel

Fixed issues:

• Backported #7303: Fix PDU length for RDPINPUT_PROTOCOL_V300
• Backported #7658: Sanitize optional physical monitor size values
• Backported #7426: Wayland memory corruption
• Backported #7293: Remove unused codec x264
• Backported #7541: Allow resolutions larger 2048x2048
• Backported #7574: FFMPEG 5.0 support
• Backported #7578: FFMPEG 5.0 support
• Backported #7580: Fixed device hotplugging
• Backported #7583: GetUserNameExA: Prefer getpwuid_r over getlogin_r over getlogin
• Backported #7585: Android Mediacodec support

Release 2.5.0

2.5.0 is an maintenance and security release.

Important notes

This version contains minor security related fixes and improvements for locale detection, registry parsing code and addin loader
Thanks to George Zaytsev from Positive Technologies for reporting these problems.

Noteworthy changes:

• Fixed smartcard login in case a redirection occurs the pin was lost
• Backported windows client drawing fixes
• Backported improved macOS keyboard layout detection
• Backported TcpConnectTimeout
• Backported LibreSSL compatibility patches
• Backported signal handler backtrace
• Backported OpenSSL 3.0 support

Fixed issues:

• Backport #7539: Wayland client clipboard issues
• Backport #7509: Various fixes regarding registry emulation, addin loader
  and updated locale detection
• Backport #7466: Android android_register_pointer missing initialization

Full Changelog: 2.4.1...2.5.0

Release 2.4.1

FreeRDP version 2.4.1

See https://pub.freerdp.com/releases/ for the release tarball.

Noteworthy changes:

• Refactored RPC gateway parsing code
• OpenSSL 3.0 compatibility fixes
• USB redirection: fixed transfer lengths

Fixed issues:

• #7363: Length checks in ConvertUTF8toUTF16
• #7349: Added checks for bitmap width and heigth values

Important notes:

• CVE-2021-41159: Improper client input validation for gateway connections allows to overwrite memory
• CVE-2021-41160: Improper region checks in all clients allow out of bound write to memory

For a complete and detailed change log since the last release run:
git log 2.4.0..2.4.1

Release 2.4.0

FreeRDP version 2.4.0

See https://pub.freerdp.com/releases/ for the release tarball.

Noteworthy changes:

• Backported multithreaded progressive decoder (#7036)
• Backported clipboard fixes (#6924)
• Fixed remote file read (#7185)

Fixed issues:

• #6938: RAILS clipboard remote -> local
• #6985: Support newer FFMPEG builds
• #6989: Use OpenSSL default certificate store settings
• #7073: Planar alignment fixes