{"affected":[{"ecosystem_specific":{"binaries":[{"freerdp":"3.22.0-160000.1.1","freerdp-devel":"3.22.0-160000.1.1","freerdp-proxy":"3.22.0-160000.1.1","freerdp-proxy-plugins":"3.22.0-160000.1.1","freerdp-sdl":"3.22.0-160000.1.1","freerdp-server":"3.22.0-160000.1.1","freerdp-wayland":"3.22.0-160000.1.1","libfreerdp-server-proxy3-3":"3.22.0-160000.1.1","libfreerdp3-3":"3.22.0-160000.1.1","librdtk0-0":"3.22.0-160000.1.1","libuwac0-0":"3.22.0-160000.1.1","libwinpr3-3":"3.22.0-160000.1.1","rdtk0-devel":"3.22.0-160000.1.1","uwac0-devel":"3.22.0-160000.1.1","winpr-devel":"3.22.0-160000.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"freerdp","purl":"pkg:rpm/opensuse/freerdp&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.22.0-160000.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for freerdp fixes the following issues:\n\nUpdate to version 3.22.0 (jsc#PED-15526):\n\n  + Major bugfix release:\n\n    * Complete overhaul of SDL client\n    * Introduction of new WINPR_ATTR_NODISCARD macro wrapping compiler or C language version specific [[nodiscard]] attributes\n    * Addition of WINPR_ATTR_NODISCARD to (some) public API functions so usage errors are producing warnings now\n    * Add some more stringify functions for logging\n    * We've received CVE reports, check\n      https://github.com/FreeRDP/FreeRDP/security/advisories for more details!\n      @Keryer reported an issue affecting client and proxy:\n      * CVE-2026-23948\n      @ehdgks0627 did some more fuzzing and found quite a number of client side bugs.\n      * CVE-2026-24682\n      * CVE-2026-24683\n      * CVE-2026-24676\n      * CVE-2026-24677\n      * CVE-2026-24678\n      * CVE-2026-24684\n      * CVE-2026-24679\n      * CVE-2026-24681\n      * CVE-2026-24675\n      * CVE-2026-24491\n      * CVE-2026-24680\n\n- Changes from version 3.21.0\n\n  * [core,info] fix missing NULL check (#12157)\n  * [gateway,tsg] fix TSG_PACKET_RESPONSE parsing 
(#12161)\n  * Allow querying auth identity with kerberos when running as a server (#12162)\n  * Sspi krb heimdal (#12163)\n  * Tsg fix idleTimeout parsing (#12167)\n  * [channels,smartcard] revert 649f7de (#12166)\n  * [crypto] deprecate er and der modules (#12170)\n  * [channels,rdpei] lock full update, not only parts (#12175)\n  * [winpr,platform] add WINPR_ATTR_NODISCARD macro (#12178)\n  * Wlog cleanup (#12179)\n  * new stringify functions & touch API defines (#12180)\n  * Add support for querying SECPKG_ATTR_PACKAGE_INFO to NTLM and Kerberos (#12171)\n  * [channels,video] measure times in ns (#12184)\n  * [utils] Nodiscard (#12187)\n  * Error handling fixes (#12186)\n  * [channels,drdynvc] check pointer before reset (#12189)\n  * Winpr api def (#12190)\n  * [winpr,platform] drop C23 [[nodiscard]] (#12192)\n  * [gdi] add additional checks for a valid rdpGdi (#12194)\n  * Sdl3 high dpiv2 (#12173)\n  * peer: Disconnect if Logon() returned FALSE (#12196)\n  * [channels,rdpecam] fix PROPERTY_DESCRIPTION parsing (#12197)\n  * [channel,rdpsnd] only clean up thread before free (#12199)\n  * [channels,rdpei] add RDPINPUT_CONTACT_FLAG_UP (#12195)\n\n- Update to version 3.21.0:\n\n  + Bugfix release with a few new API functions addressing shortcomings with\n    regard to input data validation.\n    Thanks to @ehdgks0627 we have fixed the following additional (medium)\n    client side vulnerabilities:\n\n    * CVE-2026-23530\n    * CVE-2026-23531\n    * CVE-2026-23532\n    * CVE-2026-23533\n    * CVE-2026-23534\n    * CVE-2026-23732\n    * CVE-2026-23883\n    * CVE-2026-23884\n\n- Changes from version 3.20.2\n\n  * [client,sdl] fix monitor resolution (#12142)\n  * [codec,progressive] fix progressive_rfx_upgrade_block (#12143)\n  * Krb cache fix (#12145)\n  * Rdpdr improved checks (#12141)\n  * Codec advanced length checks (#12146)\n  * Glyph fix length checks (#12151)\n  * Wlog printf format string checks (#12150)\n  * [warnings,format] fix format string warnings 
(#12152)\n  * Double free fixes (#12153)\n  * [clang-tidy] clean up code warnings (#12154)\n\n- Update to version 3.20.2:\n\n  + Patch release fixing a regression with gateway connections\n    introduced with 3.20.1\n    ## What's Changed\n    * Warnings and missing enumeration types (#12137)\n\n- Changes from version 3.20.1:\n\n  + New years cleanup release. Fixes some issues reported and does\n    a cleaning sweep to bring down warnings.\n    Thanks to @ehdgks0627 doing some code review/testing we've\n    uncovered the following (medium) vulnerabilities:\n\n    * CVE-2026-22851\n    * CVE-2026-22852\n    * CVE-2026-22853\n    * CVE-2026-22854\n    * CVE-2026-22855\n    * CVE-2026-22856\n    * CVE-2026-22857\n    * CVE-2026-22858\n    * CVE-2026-22859\n\n  + These affect FreeRDP based clients only, with the exception of\n    CVE-2026-22858 also affecting FreeRDP proxy. FreeRDP based\n    servers are not affected.\n\n- Update to version 3.20.0:\n\n  * Mingw fixes (#12070)\n  * [crypto,certificate_data] add some hostname sanitation\n  * [client,common]: Fix loading of rdpsnd channel\n  * [client,sdl] set touch and pen hints\n\n- Changes from version 3.19.1:\n\n  * [core,transport] improve SSL error logging\n  * [utils,helpers] fix freerdp_settings_get_legacy_config_path\n  * From stdin and sdl-creds improve\n  * [crypto,certificate] sanitize hostnames\n  * [channels,drdynvc] propagate error in dynamic channel\n  * [CMake] make Mbed-TLS and LibreSSL experimental\n  * Json fix\n  * rdpecam: send sample only if it's available\n  * [channels,rdpecam] allow MJPEG frame skip and direct passthrough\n  * [winpr,utils] explicit NULL checks in jansson WINPR_JSON_ParseWithLength\n\n- Changes from version 3.19.0:\n\n  * [client,common] fix retry counter\n  * [cmake] fix aarch64 neon detection\n  * Fix response body existence check when using RDP Gateway\n  * fix line clipping issue\n  * Clip coord fix\n  * [core,input] Add debug log to keyboard state sync\n  * Update command 
line usage for gateway option\n  * [codec,ffmpeg] 8.0 dropped AV_PROFILE_AAC_MAIN\n  * [channels,audin] fix pulse memory leak\n  * [channels,drive] Small performance improvements in drive channel\n  * [winpr,utils] fix command line error logging\n  * [common,test] Adjust AVC and H264 expectations\n  * drdynvc: implement compressed packet\n  * [channels,rdpecam] improve log messages\n  * Fix remote credential guard channel loading\n  * Fix inverted ifdef\n  * [core,nego] disable all enabled modes except the one requested\n  * rdpear: handle basic NTLM commands and fix server-side\n  * [smartcardlogon] Fix off-by-one error in `smartcard_hw_enumerateCerts`\n  * rdpecam: fix camera sample grabbing\n\n- Update to version 3.18.0:\n\n  + Fix a regression reading passwords from stdin\n  + Fix a timer regression (µs instead of ms)\n  + Improved multitouch support\n  + Fix a bug with PLANAR codec (used with /bpp:32 or sometimes with /gfx)\n  + Better error handling for ARM transport (Entra)\n  + Fix audio encoder lag (microphone/AAC) with FFMPEG\n  + Support for janssen JSON library\n\n- Update to version 3.17.2:\n\n  + Minor improvements and bugfix release.\n  + Most notably resource usage (file handles) has been greatly reduced and\n    static build pkg-config have been fixed.\n    For users of xfreerdp RAILS/RemoteApp mode the switch to DesktopSession\n    mode has been fixed (working UAC screen)\n\n- Changes from version 3.17.1\n\n  + Minor improvements and bugfix release.\n    * most notably a memory leak was addressed\n    * fixed header files missing C++ guards\n    * xfreerdp as well as the SDL clients now support a system wide configuration file\n    * Heimdal kerberos support was improved\n    * builds with [MS-RDPEAR] now properly abort at configure if Heimdal is used\n      (this configuration was never supported, so ensure nobody compiles it that way)\n\n- Enable openh264 support, we can build against the noopenh264 stub\n\n- Update to 3.17.0:\n\n  * 
[client,sdl2] fix build with webview (#11685)\n  * [core,nla] use wcslen for password length (#11687)\n  * Clear channel error prior to call channel init event proc (#11688)\n  * Warn args (#11689)\n  * [client,common] fix -mouse-motion (#11690)\n  * [core,proxy] fix IPv4 and IPv6 length (#11692)\n  * Regression fix2 (#11696)\n  * Log fixes (#11693)\n  * [common,settings] fix int casts (#11699)\n  * [core,connection] fix log level of several messages (#11697)\n  * [client,sdl] print current video driver (#11701)\n  * [crypto,tls] print big warning for /cert:ignore (#11704)\n  * [client,desktop] fix StartupWMClass setting (#11708)\n  * [cmake] unify version creation (#11711)\n  * [common,settings] force reallocation on caps copy (#11715)\n  * [manpages] Add example of keyboard remapping (#11718)\n  * Some fixes in Negotiate and NLA (#11722)\n  * [client,x11] fix clipboard issues (#11724)\n  * kerberos: do various tries for TGT retrieval in u2u (#11723)\n  * Cmdline escape strings (#11735)\n  * [winpr,utils] do not log command line arguments (#11736)\n  * [api,doc] Add stylesheed for doxygen (#11738)\n  * [core,proxy] fix BIO read methods (#11739)\n  * [client,common] fix sso_mib_get_access_token return value in error case (#11741)\n  * [crypto,tls] do not use context->settings->instance (#11749)\n  * winpr: re-introduce the credentials module (#11734)\n  * [winpr,timezone] ensure thread-safe initialization (#11754)\n  * core/redirection: Ensure stream has enough space for the certificate (#11762)\n  * [client,common] do not log success (#11766)\n  * Clean up bugs exposed on systems with high core counts (#11761)\n  * [cmake] add installWithRPATH (#11747)\n  * [clang-tidy] fix various warnings (#11769)\n  * Wlog improve type checks (#11774)\n  * [client,common] fix tenantid command line parsing (#11779)\n  * Proxy module static and shared linking support (#11768)\n  * LoadLibrary Null fix (#11786)\n  * [client,common] add 
freerdp_client_populate_settings_from_rdp_file_un… (#11780)\n  * Fullchain support (#11787)\n  * [client,x11] ignore floatbar events (#11771)\n  * [winpr,credentials] prefer utf-8 over utf-16-LE #11790\n  * [proxy,modules] ignore bitmap-filter skip remaining #11789\n\n- Update to 3.16.0:\n  * Lots of improvements for the SDL3 client\n  * Various X11 client improvements\n  * Add a timer implementation\n  * Various AAD/Azure/Entra improvements\n  * YUV420 primitives fixes\n- Update to 3.15.0:\n  * [client,sdl] fix crash on suppress output\n  * [channels,remdesk] fix possible memory leak\n  * [client,x11] map exit code success\n  * Hidef rail checks and deprecation fixe\n  * Standard rdp security network issues\n  * [core,rdp] fix check for SEC_FLAGSHI_VALID\n  * [core,caps] fix rdp_apply_order_capability_set\n  * [core,proxy] align no_proxy to curl\n  * [core,gateway] fix string reading for TSG\n  * [client,sdl] refactor display update\n\n- Update to version 3.14.0:\n\n  + Bugfix and cleanup release. 
Due to some new API functions the\n    minor version has been increased.\n\n- Changes from version 3.13.0:\n\n  + Friends of old hardware rejoice, serial port redirection got an\n    update (not kidding you)\n  + Android builds have been updated to be usable again\n  + Mingw builds now periodically do a shared and static build\n  + Fixed some bugs and regressions along the way and improved test\n    coverage as well\n\n- Changes from version 3.12.0:\n\n  + Multimonitor backward compatibility fixes\n  + Smartcard compatibility\n  + Improve the [MS-RDPECAM] support\n  + Improve smartcard redirection support\n  + Refactor SSE optimizations: Split headers, unify load/store,\n    require SSE3 for all optimized functions\n  + Refactors the CMake build to better support configuration based\n    builders\n  + Fix a few regressions from last release (USB redirection and\n    graphical glitches)\n\n- Changes from version 3.11.0:\n\n  + A new release with bugfixes and code cleanups as well as a few\n    nifty little features\n\n- CVE-2024-22211: In affected versions an integer overflow in\n    `freerdp_bitmap_planar_context_reset` leads to heap-buffer\n    overflow. 
(bsc#1219049)\n\n- CVE-2024-32658: Fixed out-of-bounds read in Interleaved RLE Bitmap Codec in FreeRDP based clients (bsc#1223353)\n\n- Multiple CVE fixes\n  + CVE-2024-32659: Fixed out-of-bounds read if `((nWidth == 0) and (nHeight == 0))` (bsc#1223346)\n  + CVE-2024-32660: Fixed client crash via invalid huge allocation size (bsc#1223347)\n  + CVE-2024-32661: Fixed client NULL pointer dereference (bsc#1223348)\n\n- Multiple CVE fixes:\n    * bsc#1223293, CVE-2024-32039\n    * bsc#1223294, CVE-2024-32040\n    * bsc#1223295, CVE-2024-32041\n    * bsc#1223296, CVE-2024-32458\n    * bsc#1223297, CVE-2024-32459\n    * bsc#1223298, CVE-2024-32460\n\n  * Fix CVE-2023-40574 - bsc#1214869: Out-Of-Bounds Write in general_YUV444ToRGB_8u_P3AC4R_BGRX\n  * Fix CVE-2023-40575 - bsc#1214870: Out-Of-Bounds Read in general_YUV444ToRGB_8u_P3AC4R_BGRX\n  * Fix CVE-2023-40576 - bsc#1214871: Out-Of-Bounds Read in RleDecompress\n","id":"openSUSE-SU-2026:20339-1","modified":"2026-03-10T12:34:56Z","published":"2026-03-10T12:34:56Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1214869"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214870"},{"type":"REPORT","url":"https://bugzilla.suse.com/1214871"},{"type":"REPORT","url":"https://bugzilla.suse.com/1219049"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223293"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223294"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223295"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223296"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223297"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223298"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223346"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223347"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223348"},{"type":"REPORT","url":"https://bugzilla.suse.com/1223353"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243109"},{"type":"REPORT","url":"https://b
ugzilla.suse.com/1256717"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256718"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256719"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256720"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256721"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256722"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256723"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256724"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256725"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256940"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256941"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256943"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256944"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256945"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256946"},{"type":"REPORT","url":"https://bugzilla.suse.com/1256947"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40574"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40575"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-40576"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-22211"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32039"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32040"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32041"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32458"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32459"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32460"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32658"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32659"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32660"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-32661"},{"typ
e":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4478"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22851"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22853"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22854"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22855"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22856"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22858"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-22859"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23530"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23531"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23532"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23533"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23534"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23732"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23883"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23884"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-23948"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24491"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24675"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24676"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24677"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24678"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24679"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24680"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24681"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-202
6-24682"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24683"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-24684"}],"related":["CVE-2023-40574","CVE-2023-40575","CVE-2023-40576","CVE-2024-22211","CVE-2024-32039","CVE-2024-32040","CVE-2024-32041","CVE-2024-32458","CVE-2024-32459","CVE-2024-32460","CVE-2024-32658","CVE-2024-32659","CVE-2024-32660","CVE-2024-32661","CVE-2025-4478","CVE-2026-22851","CVE-2026-22852","CVE-2026-22853","CVE-2026-22854","CVE-2026-22855","CVE-2026-22856","CVE-2026-22857","CVE-2026-22858","CVE-2026-22859","CVE-2026-23530","CVE-2026-23531","CVE-2026-23532","CVE-2026-23533","CVE-2026-23534","CVE-2026-23732","CVE-2026-23883","CVE-2026-23884","CVE-2026-23948","CVE-2026-24491","CVE-2026-24675","CVE-2026-24676","CVE-2026-24677","CVE-2026-24678","CVE-2026-24679","CVE-2026-24680","CVE-2026-24681","CVE-2026-24682","CVE-2026-24683","CVE-2026-24684"],"summary":"Security update for freerdp","upstream":["CVE-2023-40574","CVE-2023-40575","CVE-2023-40576","CVE-2024-22211","CVE-2024-32039","CVE-2024-32040","CVE-2024-32041","CVE-2024-32458","CVE-2024-32459","CVE-2024-32460","CVE-2024-32658","CVE-2024-32659","CVE-2024-32660","CVE-2024-32661","CVE-2025-4478","CVE-2026-22851","CVE-2026-22852","CVE-2026-22853","CVE-2026-22854","CVE-2026-22855","CVE-2026-22856","CVE-2026-22857","CVE-2026-22858","CVE-2026-22859","CVE-2026-23530","CVE-2026-23531","CVE-2026-23532","CVE-2026-23533","CVE-2026-23534","CVE-2026-23732","CVE-2026-23883","CVE-2026-23884","CVE-2026-23948","CVE-2026-24491","CVE-2026-24675","CVE-2026-24676","CVE-2026-24677","CVE-2026-24678","CVE-2026-24679","CVE-2026-24680","CVE-2026-24681","CVE-2026-24682","CVE-2026-24683","CVE-2026-24684"]}