Skip to content

freerdp-3/3.5.1 package update #17413

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ajayk merged 1 commit into from
Apr 22, 2024
Merged

freerdp-3/3.5.1 package update #17413

ajayk merged 1 commit into from
Apr 22, 2024

Conversation

@octo-sts
Copy link
Contributor

@octo-sts octo-sts bot commented Apr 22, 2024

@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Apr 22, 2024
@github-actions
Copy link
Contributor

github-actions bot commented Apr 22, 2024

Package freerdp-3-libs: Click to expand/collapse

Package freerdp-3-libs:
Added: /usr/lib/libfreerdp-client3.so.3.5.1
Added: /usr/lib/libfreerdp-server-proxy3.so.3.5.1
Added: /usr/lib/libfreerdp-server3.so.3.5.1
Added: /usr/lib/libfreerdp-shadow-subsystem3.so.3.5.1
Added: /usr/lib/libfreerdp-shadow3.so.3.5.1
Added: /usr/lib/libfreerdp3.so.3.5.1
Added: /usr/lib/libwinpr-tools3.so.3.5.1
Added: /usr/lib/libwinpr3.so.3.5.1
Deleted: /usr/lib/libfreerdp-client3.so.3.5.0
Deleted: /usr/lib/libfreerdp-server-proxy3.so.3.5.0
Deleted: /usr/lib/libfreerdp-server3.so.3.5.0
Deleted: /usr/lib/libfreerdp-shadow-subsystem3.so.3.5.0
Deleted: /usr/lib/libfreerdp-shadow3.so.3.5.0
Deleted: /usr/lib/libfreerdp3.so.3.5.0
Deleted: /usr/lib/libwinpr-tools3.so.3.5.0
Deleted: /usr/lib/libwinpr3.so.3.5.0

Package freerdp-3: Click to expand/collapse

Package freerdp-3:
Modified: /usr/bin/freerdp-proxy
Modified: /usr/bin/freerdp-shadow-cli
Modified: /usr/bin/wlfreerdp

Package freerdp-3-doc: Click to expand/collapse

Package freerdp-3-doc:
Modified: /usr/share/man/man1/freerdp-proxy.1
Modified: /usr/share/man/man1/freerdp-shadow-cli.1
Modified: /usr/share/man/man1/winpr-hash.1
Modified: /usr/share/man/man1/winpr-makecert.1
Modified: /usr/share/man/man1/wlfreerdp.1
Modified: /usr/share/man/man1/xfreerdp.1

Package freerdp-3-dev: Click to expand/collapse

Package freerdp-3-dev:
Modified: /usr/include/freerdp3/freerdp/rail.h
Modified: /usr/include/freerdp3/freerdp/version.h
Modified: /usr/include/winpr3/winpr/version.h
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPConfig.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPTargets-minsizerel.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsConfig.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsConfigVersion.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsTargets-minsizerel.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRConfig.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRConfigVersion.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRTargets-minsizerel.cmake
Modified: /usr/lib/pkgconfig/freerdp-client3.pc
Modified: /usr/lib/pkgconfig/freerdp-server-proxy3.pc
Modified: /usr/lib/pkgconfig/freerdp-server3.pc
Modified: /usr/lib/pkgconfig/freerdp-shadow3.pc
Modified: /usr/lib/pkgconfig/freerdp3.pc
Modified: /usr/lib/pkgconfig/winpr-tools3.pc
Modified: /usr/lib/pkgconfig/winpr3.pc

bincapz found differences: Click to expand/collapse

Deleted: freerdp-3-libs/usr/lib/libfreerdp-client3.so.3.5.0

RISK KEY DESCRIPTION
meta lang c++
-2/MEDIUM fs/file/times/set change file timestamps
-2/MEDIUM fs/mounts/read parses active mounts (/etc/fstab, /etc/mtab)
-2/MEDIUM net/socks5 supports SOCK5 proxies
-2/MEDIUM procfs/mounts parses active mounts (/proc/mounts
-2/MEDIUM ref/words/agent references an 'agent': "sshagent"
-2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW fs/mount mounts file systems
-1/LOW net/http/request makes HTTP requests
-1/LOW net/ip access the internet
-1/LOW net/ipp/request makes IPP (Internet Printing Protocol) requests
-1/LOW net/oauth2 supports OAuth2
-1/LOW ref/path/usr/bin references paths within /usr/bin: "/usr/bin/rdp2tcp"
-1/LOW ref/site/url contains embedded HTTPS URLs:
https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=
https://matrix.to/
-1/LOW ref/words/password references a password: "Password
password"

Deleted: freerdp-3-libs/usr/lib/libfreerdp3.so.3.5.0

RISK KEY DESCRIPTION
meta lang c++
-2/MEDIUM combo/backdoor/crypto_listen_socks socks crypto listener: "SOCKS5
crypto
listen
socks5"
-2/MEDIUM combo/net/tunnel_proxy network tunnel proxy: "Proxy
SOCKS5
Tunnel
crypto
proxy
socket
tunnel"
-2/MEDIUM net/http/cookies able to access HTTP resources using cookies
-2/MEDIUM net/http/form/upload upload content via HTTP form
-2/MEDIUM net/http/post able to submit content via HTTP POST
-2/MEDIUM net/ip/parse parses IP address (IPv4 or IPv6)
-2/MEDIUM net/ip/string converts IP address from byte to string
-2/MEDIUM net/reuseport able to listen and dial from the same TCP/UDP port
-2/MEDIUM net/sniffer pcap user
-2/MEDIUM net/socks5 supports SOCK5 proxies
-2/MEDIUM net/url/encode encodes URL, likely to pass GET variables
-2/MEDIUM ref/words/agent references an 'agent': "set_user_agent"
-1/LOW crypto/tls tls
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW env/SHELL users preferred SHELL path
-1/LOW fs/file/delete deletes files
-1/LOW net/hostport/parse network address and service translation
-1/LOW net/http/auth makes HTTP requests with basic authentication
-1/LOW net/http/request makes HTTP requests
-1/LOW net/http_proxy able to find HTTP proxies
-1/LOW net/ip access the internet
-1/LOW net/socket/listen listen on a socket
-1/LOW net/socket/local/address get local address of connected socket
-1/LOW net/socket/peer/address get peer address of connected socket
-1/LOW net/socket/receive receive a message from a socket
-1/LOW net/socket/send send a message to a socket
-1/LOW process/thread_local_storage uses glibc thread local storage: "__tls_get_addr"
-1/LOW ref/words/password references a password: "Password
password"
-1/LOW secrets/private_key references private keys: "privateKey"

Deleted: freerdp-3-libs/usr/lib/libwinpr-tools3.so.3.5.0

RISK KEY DESCRIPTION
-1/LOW ref/words/password references a password: "password"
-1/LOW secrets/private_key references private keys: "private_key"

Deleted: freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.5.0

RISK KEY DESCRIPTION
meta lang c++
-2/MEDIUM exec/shell_echo uses the echo command to generate output: "echo server's OpenResult callback failed with error %u"
-2/MEDIUM fs/file/times/set change file timestamps
-2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
-1/LOW ref/site/url contains embedded HTTPS URLs: "https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://matrix.to/"
-1/LOW ref/words/password references a password: "password"

Moved: freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.5.0 -> freerdp-3-libs/usr/lib/libfreerdp-client3.so.3.5.1 (score: 0.916000)

Previous Risk: ✅ 1/LOW
New Risk: ✅ 2/MEDIUM

RISK KEY DESCRIPTION
+2/MEDIUM fs/file/times/set change file timestamps
+2/MEDIUM fs/mounts/read parses active mounts (/etc/fstab, /etc/mtab)
+2/MEDIUM net/socks5 supports SOCK5 proxies
+2/MEDIUM procfs/mounts parses active mounts (/proc/mounts
+2/MEDIUM ref/words/agent references an 'agent': "sshagent"
+2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
+1/LOW encoding/base64 supports base64 encoded strings
+1/LOW net/http/request makes HTTP requests
+1/LOW net/ip access the internet
+1/LOW net/ipp/request makes IPP (Internet Printing Protocol) requests
+1/LOW net/oauth2 supports OAuth2
-1/LOW net/socket/send send a message to a socket
-1/LOW ref/path/etc references paths within /etc: "/etc/winpr/"
+1/LOW ref/path/usr/bin references paths within /usr/bin: "/usr/bin/rdp2tcp"
+1/LOW ref/site/url contains embedded HTTPS URLs:
https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=
https://matrix.to/
+1/LOW ref/words/password references a password: "Password
password"
-1/LOW secrets/private_key references private keys: "private_key"

Moved: freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.5.0 -> freerdp-3-libs/usr/lib/libfreerdp3.so.3.5.1 (score: 0.904000)

Previous Risk: ✅ 1/LOW
New Risk: ✅ 2/MEDIUM

RISK KEY DESCRIPTION
+2/MEDIUM combo/backdoor/crypto_listen_socks socks crypto listener: "SOCKS5
crypto
listen
socks5"
+2/MEDIUM combo/net/tunnel_proxy network tunnel proxy: "Proxy
SOCKS5
Tunnel
crypto
proxy
socket
tunnel"
+2/MEDIUM net/http/cookies able to access HTTP resources using cookies
+2/MEDIUM net/http/form/upload upload content via HTTP form
+2/MEDIUM net/http/post able to submit content via HTTP POST
+2/MEDIUM net/ip/parse parses IP address (IPv4 or IPv6)
+2/MEDIUM net/ip/string converts IP address from byte to string
+2/MEDIUM net/reuseport able to listen and dial from the same TCP/UDP port
+2/MEDIUM net/sniffer pcap user
+2/MEDIUM net/socks5 supports SOCK5 proxies
+2/MEDIUM net/url/encode encodes URL, likely to pass GET variables
+2/MEDIUM ref/words/agent references an 'agent': "set_user_agent"
+1/LOW crypto/tls tls
+1/LOW encoding/base64 supports base64 encoded strings
+1/LOW env/SHELL users preferred SHELL path
+1/LOW fs/file/delete deletes files
+1/LOW net/hostport/parse network address and service translation
+1/LOW net/http/auth makes HTTP requests with basic authentication
+1/LOW net/http/request makes HTTP requests
+1/LOW net/http_proxy able to find HTTP proxies
+1/LOW net/ip access the internet
+1/LOW net/socket/listen listen on a socket
+1/LOW net/socket/local/address get local address of connected socket
+1/LOW net/socket/peer/address get peer address of connected socket
+1/LOW net/socket/receive receive a message from a socket
+1/LOW process/thread_local_storage uses glibc thread local storage: "__tls_get_addr"
-1/LOW ref/path/etc references paths within /etc: "/etc/winpr/"
+1/LOW ref/words/password references a password: "Password
password"

Moved: freerdp-3-libs/usr/lib/libfreerdp-shadow-subsystem3.so.3.5.0 -> freerdp-3-libs/usr/lib/libfreerdp-shadow-subsystem3.so.3.5.1 (score: 0.990000)

Moved: freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.5.0 -> freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.5.1 (score: 0.928000)

Previous Risk: ✅ 1/LOW
New Risk: ✅ 2/MEDIUM

RISK KEY DESCRIPTION
+2/MEDIUM exec/shell_echo uses the echo command to generate output: "echo server's OpenResult callback failed with error %u"
+2/MEDIUM fs/file/times/set change file timestamps
+2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
-1/LOW net/socket/send send a message to a socket
-1/LOW ref/path/etc references paths within /etc: "/etc/winpr/"
+1/LOW ref/site/url contains embedded HTTPS URLs: "https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://matrix.to/"
+1/LOW ref/words/password references a password: "password"
-1/LOW secrets/private_key references private keys: "private_key"

Moved: freerdp-3-libs/usr/lib/libwinpr3.so.3.5.0 -> freerdp-3-libs/usr/lib/libwinpr3.so.3.5.1 (score: 0.985366)

Moved: freerdp-3-libs/usr/lib/libfreerdp-server-proxy3.so.3.5.0 -> freerdp-3-libs/usr/lib/libfreerdp-server-proxy3.so.3.5.1 (score: 0.989286)

Moved: freerdp-3-libs/usr/lib/libwinpr3.so.3.5.0 -> freerdp-3-libs/usr/lib/libwinpr-tools3.so.3.5.1 (score: 0.910638)

Previous Risk: 🔥 3/HIGH
New Risk: ✅ 1/LOW

RISK KEY DESCRIPTION
-3/HIGH procfs/pid/exe accesses underlying executable of other processes
-2/MEDIUM combo/net/scan_tool may scan networks: "connect
gethostbyname
port
socket
target"
-2/MEDIUM exec/program executes another program
-2/MEDIUM net/download downloads files
-2/MEDIUM net/http/post able to submit content via HTTP POST
-2/MEDIUM net/ip/parse parses IP address (IPv4 or IPv6)
-2/MEDIUM net/ip/string converts IP address from byte to string
-2/MEDIUM net/socket/connect initiate a connection on a socket
-2/MEDIUM procfs/arbitrary/pid access /proc for arbitrary pids: "/proc/%d/exe"
-2/MEDIUM ref/path/tmp references paths within /tmp: "/tmp/localhost.crt"
-2/MEDIUM ref/site/http/dynamic uRL that is dynamically generated: "https://%s/KdcProxy"
-2/MEDIUM ref/words/infected references being 'infected': "INFECTED"
-1/LOW dylib/address/check determine if address belongs to a shared library
-1/LOW dylib/symbol/address get the address of a symbol
-1/LOW env/HOME looks up the HOME directory for the current user
-1/LOW env/LANG looks up language of current user
-1/LOW env/TEMP tmpdir
-1/LOW env/TMPDIR tMPDIR
-1/LOW env/USER uSER
-1/LOW exec/program/background waits for a process to exit
-1/LOW fs/directory/create creates directories
-1/LOW fs/directory/remove uses libc functions to remove directories
-1/LOW fs/fifo/create make a FIFO special file (a named pipe)
-1/LOW fs/file/delete deletes files
-1/LOW fs/file/times/set change file timestamps with nanosecond precision
-1/LOW fs/file/truncate truncate a file to a specified length
-1/LOW fs/link/read read value of a symbolic link
-1/LOW fs/lock/update apply or remove an advisory lock on a file
-1/LOW fs/permission/modify modifies file permissions
-1/LOW fs/symlink/resolve resolves symbolic links
-1/LOW kernel/hostname/get gets the hostname of the machine
-1/LOW net/hostname/resolve resolves network hosts via name
-1/LOW net/hostport/parse network address and service translation
-1/LOW net/ip/resolve resolves network hosts via IP address
-1/LOW net/socket/listen listen on a socket
-1/LOW net/socket/local/address get local address of connected socket
-1/LOW net/socket/peer/address get peer address of connected socket
-1/LOW net/socket/receive receive a message from a socket
-1/LOW net/socket/send send a message to a socket
-1/LOW process/groupid/set set real and effective group ID of process
-1/LOW process/multithreaded uses pthreads
-1/LOW process/userid/set set real and effective user ID of current process
-1/LOW ref/path/etc references paths within /etc: "/etc/localtime
/etc/timezone
/etc/winpr/"
-1/LOW ref/path/var references paths within /var: "/var/run/freerds.instance"

Moved: freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.5.0 -> freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.5.1 (score: 0.988000)

@ajayk ajayk merged commit 2b8768b into main Apr 22, 2024
@ajayk ajayk deleted the wolfictl-e174a59c-acfe-4a49-8e38-5167312812f3 branch April 22, 2024 10:55
@philroche philroche mentioned this pull request Oct 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ajayk ajayk ajayk approved these changes

Assignees

No one assigned

Labels

automated pr request-version-update request for a newer version of a package

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ajayk @wolfi-bot