forked from FreeRDP/FreeRDP
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ChangeLog
401 lines (323 loc) · 14.1 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
# 2020-07-20 Version 2.2.0
Important notes:
* CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
Noteworty changes:
* fix: memory leak in nsc
* urbdrc
* some fixes and improvements
* build
* use cmake to detect getlogin_r
* improve asan checks/detection
* server/proxy
* new: support for heartbeats
* new: support for rail handshake ex flags
* fix: possible race condition with redirects
Fixed issues:
* #6263 Sound & mic - filter GSM codec for microphone redirection
* #6335: windows client title length
* #6370 - "Alternate Secondary Drawing Order UNKNOWN"
* #6298 - remoteapp with dialog is disconnecting when it loses focus
* #6299 - v2.1.2: Can't connect to Windows7
For a complete and detailed change log since the last release run:
git log 2.1.2..2.2.0
# 2020-06-22 Version 2.1.2
Important notes:
* CVE-2020-4033 Out of bound read in RLEDECOMPRESS
* CVE-2020-4031 Use-After-Free in gdi_SelectObject
* CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order`
* CVE-2020-4030 OOB read in `TrioParse`
* CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet
* CVE-2020-11098 Out-of-bound read in glyph_cache_put
* CVE-2020-11097 OOB read in ntlm_av_pair_get
* CVE-2020-11095 Global OOB read in update_recv_primary_order
* CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order
* Gateway RPC fixes for windows
* Fixed resource fee race resulting in double free in USB redirection
* Fixed wayland client crashes
* Fixed X11 client mouse mapping issues (X11 mapping on/off)
* Some proxy related improvements (capture module)
* Code cleanup (use getlogin_r, ...)
For a complete and detailed change log since the last release candidate run:
git log 2.1.1..2.1.2
# 2020-05-20 Version 2.1.1
Important notes:
* CVE: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
* CVE: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
* CVE: GHSL-2020-102 OOB Write in crypto_rsa_common
* Enforce synchronous legacy RDP encryption count (#6156)
* Fixed some leaks and crashes missed in 2.1.0
* Removed dynamic channel listener limits
* Lots of resource cleanup fixes (clang sanitizers)
* A couple of performance improvements
* Various small annoyances eliminated (typos, prefilled username for windows client, ...)
For a complete and detailed change log since the last release candidate run:
git log 2.1.0..2.1.1
# 2020-05-05 Version 2.1.0
Important notes:
* fix multiple CVEs: CVE-2020-11039, CVE-2020-11038, CVE-2020-11043, CVE-2020-11040, CVE-2020-11041,
CVE-2020-11019, CVE-2020-11017, CVE-2020-11018
* fix multiple leak and crash issues (#6129, #6128, #6127, #6110, #6081, #6077)
Noteworthy features and improvements:
* Fixed sound issues (#6043)
* New expert command line options /tune and /tune-list to modify all client
settings in a generic way.
* Fixes for smartcard cache, this improves compatibility of smartcard devices
with newer smartcard channel.
* Shadow server can now be instructed to listen to multiple interfaces.
* Improved server certificate support (#6052)
* Various fixes for wayland client (fullscreen, mouse wheel, ...)
* Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
* USB redirection command line improvements (filter options)
* Various translation improvements for android and ios clients
For a complete and detailed change log since the last release candidate run:
git log 2.0.0..2.1.0
# 2020-04-09 Version 2.0.0
Important notes:
* fix multiple CVEs: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526
* fix multiple other security related issues (#6005, #6006, #6007, #6008, #6009, #6010, #6011, #6012, #6013)
* sha256 is now used instead of sha1 to fingerprint certificates. This will
invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
new connection is established after the update
Noteworthy features and improvements:
* First version of the RDP proxy was added (#5372) - thanks to @kubistika
* Smartcard received some refactoring. Missing functions were added and input
validation was improved (#5884)
* A new option /cert that unifies all certificate related options (#5880)
The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
available but marked as deprecated
* Support for Remote Assistance Protocol Version 2 [MS-RA]
* The DirectFB client was removed because it was unmaintained
* Unified initialization of OrderSupport
* Fix for licensing against Windows Server 2003
* Font smoothing is now enabled per default
* Flatpack support was added
* Smart scaling for Wayland using libcairo was added (#5215)
* Unified update->BeginPaint and update->EndPaint
* An image scaling API for software drawing was added
* Rail was updated to the latest spec version 28.0
* Support for H.264 in the shadow server is now detected at runtime
* Add mask=<value> option for /gfx and /gfx-h264 (#5771)
* Code reformatting (#5667)
* A new option /timeout was added to adjust the TCP ACK timeout (#5987)
For a complete and detailed change log since the last release candidate run:
git log 2.0.0-rc4..2.0.0
# 2018-11-19 Version 2.0.0-rc4
FreeRDP 2.0.0-rc4 is the fifth release candidate for 2.0.0. Although it mainly
addresses security and stability there are some new features as well.
Noteworthy features and improvements:
* fix multiple reported CVEs (#5031)
* gateway: multiple fixes and improvements (#3600, #4787, #4902, #4964, #4947,
#4952, #4938)
* client/X11: support for rail (remote app) icons was added (#5012)
* licensing: the licensing code was re-worked. Per-device licenses
are now saved on the client and used on re-connect.
WARNING: this is a change in FreeRDP behavior regarding licensing. If the old
behavior is required, or no licenses should be saved use the
new command line option +old-license (#4979)
* improve order handling - only orders that were enabled
during capability exchange are accepted (#4926).
WARNING and NOTE: some servers do improperly send orders that weren't negotiated,
for such cases the new command line option /relax-order-checks was added to
disable the strict order checking. If connecting to xrdp the options
/relax-order-checks *and* +glyph-cache are required.
* /smartcard has now support for substring filters (#4840)
for details see https://github.com/FreeRDP/FreeRDP/wiki/smartcard-logon
* add support to set tls security level (for openssl >= 1.1.0)
- default level is set to 1
- the new command line option /tls-seclevel:[LEVEL] allows to set
a different level if required
* add new command line option /smartcard-logon to allow
smartcard login (currently only with RDP security) (#4842)
* new command line option: /window-position to allow positioning
the window on startup (#5018)
* client/X11: set window title before mapping (#5023)
* rdpsnd/audin (mostly server side) add support for audio re-sampling using soxr or ffmpeg
* client/Android: add Japanese translation (#4906)
* client/Android: add Korean translation (#5029)
For a complete and detailed change log since the last release candidate run:
git log 2.0.0-rc3..2.0.0-rc4
# 2018-08-01 Version 2.0.0-rc3
FreeRDP 2.0.0-rc3 is the fourth release candidate for 2.0.0.
For a complete and detailed change log since the last release candidate run:
git log 2.0.0-rc2..2.0.0-rc3
Noteworthy features and improvements:
* Updated and improved sound and microphone redirection format support (AAC)
* Improved reliability of reconnect and redirection support
* Fixed memory leaks with +async-update
* Improved connection error reporting
* Improved gateway support (various fixes for HTTP and RDG)
* SOCKS proxy support (all clients)
* More reliable resolution switching with /dynamic-resolution (MS-RDPEVOR) (xfreerdp)
Fixed github issues (excerpt):
* #1924, #4132, #4511 Fixed redirection
* #4165 AAC and MP3 codec support for sound and microphone redirection
* #4222 Gateway connections prefer IP to hostname
* #4550 Fixed issues with +async-update
* #4634 Comment support in known_hosts file
* #4684 /drive and +drives don't work togehter
* #4735 Automatically reconnect if connection timed out waiting for user interaction
See https://github.com/FreeRDP/FreeRDP/milestone/9 for a complete list.
# 2017-11-28 Version 2.0.0-rc2
FreeRDP 2.0.0-rc2 is the third release candidate for 2.0.0.
For a complete and detailed change log since the last release candidate run:
git log 2.0.0-rc1..2.0.0-rc2
Noteworthy features and improvements:
* IMPORTANT: add support CredSSP v6 - this fixes KB4088776 see #4449, #4488
* basic support for the "Video Optimized Remoting Virtual Channel Extension" (MS-RDPEVOR) was added
* many smart card related fixes and cleanups #4312
* fix ccache support
* fix OpenSSL 1.1.0 detection on Windows
* fix IPv6 handling on Windows
* add support for memory and thread sanitizer
* support for dynamic resloution changes was added in xfreerdp #4313
* support for gateway access token (command line option /gat) was added
* initial support for travis-ci.org was added
* SSE optimization version of RGB to AVC444 frame split was added
* build: -msse2/-msse3 are not enabled globally anymore
Fixed github issues (excerpt):
* #4227 Convert settings->Password to binary blob
* #4231 freerdp-2.0.0_rc0: 5 tests failed out of 184 on ppc
* #4276 Big endian fixes
* #4291 xfreerdp “Segmentation fault” when connecting to freerdp-shadow-cli
* #4293 [X11] shadow server memory corruption with /monitors:2 #4293
* #4296 drive redirection - raise an error if the directory can't be founde
* #4306 Cannot connect to shadow server with NLA auth: SEC_E_OUT_OF_SEQUENCE
* #4447 Apple rpath namespace fixes
* #4457 Fix /size: /w: /h: with /monitors: (Fix custom sizes)
* #4527 pre-connection blob (pcb) support in .rdp files
* #4552 Fix Windows 10 cursors drawing as black
* smartcard related: #3521, #3431, #3474, #3488, #775, #1424
See https://github.com/FreeRDP/FreeRDP/milestone/8 for a complete list.
# 2017-11-28 Version 2.0.0-rc1
FreeRDP 2.0.0-rc1 is the second release candidate for 2.0.0.
For a complete and detailed change log since the last release candidate run:
git log 2.0.0-rc0..master
Noteworthy features and improvements:
* support for FIPS mode was added (option +fipsmode)
* initial client side kerberos support (run cmake with WITH_GSSAPI)
* support for ssh-agent redirection (as rdp channel)
* the man page(s) and /help were updated an improved
* build: support for GNU/kFreeBSD
* add support for ICU for unicode conversion (-DWITH_ICU=ON)
* client add option to force password prompt before connection (/from-stdin[:force])
* add Samsung DeX support
* extend /size to allow width or height percentages (#4146)
* add support for "password is pin"
* clipboard is now enabled per default (use -clipboard to disable)
Fixed github issues (excerpt):
* #4281: Added option to prefer IPv6 over IPv4
* #3890: Point to OpenSSL doc for private CA
* #3378: support 31 static channels as described in the spec
* #1536: fix clipboard on mac
* #4253: Rfx decode tile width.
* #3267: fix parsing of drivestoredirect
* #4257: Proper error checks for /kbd argument
* #4249: Corruption due to recursive parser
* #4111: 15bpp color handling for brush.
* #3509: Added Ctrl+Alt+Enter description
* #3211: Return freerdp error from main.
* #3513: add better description for drive redirection
* #4199: ConvertFindDataAToW string length
* #4135: client/x11: fix colors on big endian
* #4089: fix h264 context leak when DeleteSurface
* #4117: possible segfault
* #4091: fix a regression with remote program
See https://github.com/FreeRDP/FreeRDP/milestone/7 for a complete list.
2012-02-07 Version 1.0.1
FreeRDP 1.0.1 is a maintenance release to address a certain number of
issues found in 1.0.0. This release also brings corrective measures
to certificate validation which were required for inclusion in Ubuntu.
* Certificate Validation
* Improved validation logic and robustness
* Added validation of certificate name against hostname
* Token-based Server Redirection
* Fixed redirection logic
* HAProxy load-balancer support
* xfreerdp-server
* better event handling
* capture performance improvements
* wfreerdp
* Fix RemoteFX support
* Fix mingw64 compilation
* libfreerdp-core:
* Fix severe TCP sending bug
* Added server-side Standard RDP security
2012-01-16 Version 1.0.0
License:
FreeRDP 1.0 is the first release of FreeRDP under the Apache License 2.0.
The FreeRDP 1.x series is a rewrite, meaning there is no continuity with
the previous FreeRDP 0.x series which were released under GPLv2.
New Features:
* RemoteFX
* Both encoder and decoder
* SSE2 and NEON optimization
* NSCodec
* RemoteApp
* Working, minor glitches
* Multimedia Redirection
* ffmpeg support
* Network Level Authentication (NLA)
* NTLMv2
* Certificate validation
* FIPS-compliant RDP security
* new build system (cmake)
* added official logo and icon
New Architecture:
* libfreerdp-core
* core protocol
* highly portable
* both client and server
* libfreerdp-cache
* caching operations
* libfreerdp-codec
* bitmap decompression
* codec encoding/decoding
* libfreerdp-kbd
* keyboard mapping
* libfreerdp-channels
* virtual channel management
* client and server side support
* libfreerdp-gdi
* extensively unit tested
* portable software GDI implementation
* libfreerdp-rail
* RemoteApp library
* libfreerdp-utils
* shared utility library
FreeRDP Clients:
* client/X11 (xfreerdp)
* official client
* RemoteApp support
* X11 GDI implementation
* client/DirectFB (dfreerdp)
* DirectFB support
* software-based GDI (libfreerdp-gdi)
* client/Windows (wfreerdp)
* Native Win32 support
FreeRDP Servers (experimental):
* server/X11 (xfreerdp-server)
* RemoteFX-only
* no authentication
* highly experimental
* keyboard and mouse input supported
Virtual Channels:
* cliprdr (Clipboard Redirection)
* rail (RemoteApp)
* drdynvc (Dynamic Virtual Channels)
* audin (Audio Input Redirection)
* alsa support
* pulse support
* tsmf (Multimedia Redirection)
* alsa support
* pulse support
* ffmpeg support
* rdpdr (Device Redirection)
* disk (Disk Redirection)
* parallel (Parallel Port Redirection)
* serial (Serial Port Redirection)
* printer (Printer Redirection)
* CUPS support
* smartcard (Smartcard Redirection)
* rdpsnd (Sound Redirection)
* alsa support
* pulse support