Bug#1054915: bookworm-pu: package freerdp2/2.11.2+dfsg1-1~deb12u1
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: freerdp2@packages.debian.org, team@security.debian.org
Control: affects -1 + src:freerdp2
I'm asking for pre-approval to update freerdp2 from 2.10.0 to
2.11.2.
The changes from 2.10.0 to 2.11.2 are mainly targeting security
fixes (12 CVE's, see security tracker [1] for details),
[1] https://security-tracker.debian.org/tracker/source-package/freerdp2
upstream changelog is at
https://github.com/FreeRDP/FreeRDP/blob/stable-2.0/ChangeLog
all commits are:
https://github.com/FreeRDP/FreeRDP/compare/2.10.0...2.11.2
When working on the LTS updates, I've been in contact in contact with the
maintainer and one of the upstream maintainer and checked with them
about feasbility and e.g confirmed that the new upstream version is ABI
compatible. I've tested reverse dependencies (remmina, vinagre,
gnome-connections) against a Windows 10 RDP host and confirmed packages
are still working.
Backporting the fixes is of course possible, but bears a significant
risk for regression, therefor I would prefer to use the new upstream
version, given also that upstream changes are only a few and fixing
also a few bugs that would be nice to be fixed.
As far as I understood it, the maintainers would also prefer the new
version over patching the one in stable. (They are in CC, so can
intervene if I got that wrong…)
If this is a viable route, please let me know and I will prepare a
debdiff for a the real approval.
--
Cheers,
tobi
Reply to: