Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

freerdp-3/3.5.0 package update #16981

Merged
merged 1 commit into from
Apr 16, 2024
Merged

freerdp-3/3.5.0 package update #16981

merged 1 commit into from
Apr 16, 2024

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Apr 16, 2024

@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Apr 16, 2024
@github-actions GitHub Actions
Copy link
Contributor

Package freerdp-3-libs: Click to expand/collapse

Package freerdp-3-libs:
Added: /usr/lib/libfreerdp-client3.so.3.5.0
Added: /usr/lib/libfreerdp-server-proxy3.so.3.5.0
Added: /usr/lib/libfreerdp-server3.so.3.5.0
Added: /usr/lib/libfreerdp-shadow-subsystem3.so.3.5.0
Added: /usr/lib/libfreerdp-shadow3.so.3.5.0
Added: /usr/lib/libfreerdp3.so.3.5.0
Added: /usr/lib/libwinpr-tools3.so.3.5.0
Added: /usr/lib/libwinpr3.so.3.5.0
Modified: /usr/lib/freerdp3/proxy/proxy-bitmap-filter-plugin.so
Modified: /usr/lib/freerdp3/proxy/proxy-demo-plugin.so
Modified: /usr/lib/freerdp3/proxy/proxy-dyn-channel-dump-plugin.so
Modified: /usr/lib/librdtk0.so.0.2.0
Modified: /usr/lib/libuwac0.so.0.2.0
Deleted: /usr/lib/libfreerdp-client3.so.3.4.0
Deleted: /usr/lib/libfreerdp-server-proxy3.so.3.4.0
Deleted: /usr/lib/libfreerdp-server3.so.3.4.0
Deleted: /usr/lib/libfreerdp-shadow-subsystem3.so.3.4.0
Deleted: /usr/lib/libfreerdp-shadow3.so.3.4.0
Deleted: /usr/lib/libfreerdp3.so.3.4.0
Deleted: /usr/lib/libwinpr-tools3.so.3.4.0
Deleted: /usr/lib/libwinpr3.so.3.4.0

Package freerdp-3: Click to expand/collapse

Package freerdp-3:
Modified: /usr/bin/freerdp-proxy
Modified: /usr/bin/freerdp-shadow-cli
Modified: /usr/bin/sfreerdp
Modified: /usr/bin/sfreerdp-server
Modified: /usr/bin/winpr-hash
Modified: /usr/bin/winpr-makecert
Modified: /usr/bin/wlfreerdp
Modified: /usr/bin/xfreerdp

Package freerdp-3-doc: Click to expand/collapse

Package freerdp-3-doc:
Modified: /usr/share/man/man1/freerdp-proxy.1
Modified: /usr/share/man/man1/freerdp-shadow-cli.1
Modified: /usr/share/man/man1/winpr-hash.1
Modified: /usr/share/man/man1/winpr-makecert.1
Modified: /usr/share/man/man1/wlfreerdp.1
Modified: /usr/share/man/man1/xfreerdp.1

Package freerdp-3-dev: Click to expand/collapse

Package freerdp-3-dev:
Modified: /usr/include/freerdp3/freerdp/config.h
Modified: /usr/include/freerdp3/freerdp/primitives.h
Modified: /usr/include/freerdp3/freerdp/rail.h
Modified: /usr/include/freerdp3/freerdp/settings_keys.h
Modified: /usr/include/freerdp3/freerdp/settings_types_private.h
Modified: /usr/include/freerdp3/freerdp/utils/encoded_types.h
Modified: /usr/include/freerdp3/freerdp/version.h
Modified: /usr/include/winpr3/winpr/comm.h
Modified: /usr/include/winpr3/winpr/crt.h
Modified: /usr/include/winpr3/winpr/environment.h
Modified: /usr/include/winpr3/winpr/file.h
Modified: /usr/include/winpr3/winpr/io.h
Modified: /usr/include/winpr3/winpr/memory.h
Modified: /usr/include/winpr3/winpr/pipe.h
Modified: /usr/include/winpr3/winpr/synch.h
Modified: /usr/include/winpr3/winpr/thread.h
Modified: /usr/include/winpr3/winpr/version.h
Modified: /usr/include/winpr3/winpr/winsock.h
Modified: /usr/include/winpr3/winpr/wtsapi.h
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Client3/FreeRDP-ClientTargets.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Proxy3/FreeRDP-ProxyTargets.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Server3/FreeRDP-ServerTargets.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowConfig.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP-Shadow3/FreeRDP-ShadowTargets.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPConfig.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPConfigVersion.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPTargets-minsizerel.cmake
Modified: /usr/lib/cmake/FreeRDP3/FreeRDPTargets.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsConfig.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsConfigVersion.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsTargets-minsizerel.cmake
Modified: /usr/lib/cmake/WinPR-tools3/WinPR-toolsTargets.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRConfig.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRConfigVersion.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRTargets-minsizerel.cmake
Modified: /usr/lib/cmake/WinPR3/WinPRTargets.cmake
Modified: /usr/lib/cmake/rdtk0/rdtk.cmake
Modified: /usr/lib/cmake/uwac0/uwac.cmake
Modified: /usr/lib/pkgconfig/freerdp-client3.pc
Modified: /usr/lib/pkgconfig/freerdp-server-proxy3.pc
Modified: /usr/lib/pkgconfig/freerdp-server3.pc
Modified: /usr/lib/pkgconfig/freerdp-shadow3.pc
Modified: /usr/lib/pkgconfig/freerdp3.pc
Modified: /usr/lib/pkgconfig/winpr-tools3.pc
Modified: /usr/lib/pkgconfig/winpr3.pc

bincapz found differences: Click to expand/collapse

Deleted: freerdp-3-libs/usr/lib/libfreerdp-server-proxy3.so.3.4.0

RISK KEY DESCRIPTION
-2/MEDIUM data/embedded/pem/private_key contains RSA PRIVATE KEY directive
-2/MEDIUM ref/words/intercept references interception: "interceptContextMap
intercept_context_entry_free
intercepted"
-1/LOW data/embedded/pem/certificate contains embedded PEM certificate
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW net/socket/listen listen on a socket
-1/LOW net/socket/peer/address get peer address of connected socket
-1/LOW net/socket/send send a message to a socket
-1/LOW ref/words/password references a password: "Password"

Deleted: freerdp-3-libs/usr/lib/libfreerdp3.so.3.4.0

RISK KEY DESCRIPTION
meta lang c++
-2/MEDIUM combo/backdoor/crypto_listen_socks socks crypto listener: "SOCKS5
crypto
listen
socks5"
-2/MEDIUM combo/net/tunnel_proxy network tunnel proxy: "Proxy
SOCKS5
Tunnel
crypto
proxy
socket
tunnel"
-2/MEDIUM net/http/cookies able to access HTTP resources using cookies
-2/MEDIUM net/http/form/upload upload content via HTTP form
-2/MEDIUM net/http/post able to submit content via HTTP POST
-2/MEDIUM net/ip/parse parses IP address (IPv4 or IPv6)
-2/MEDIUM net/ip/string converts IP address from byte to string
-2/MEDIUM net/sniffer pcap user
-2/MEDIUM net/socks5 supports SOCK5 proxies
-2/MEDIUM net/url/encode encodes URL, likely to pass GET variables
-2/MEDIUM ref/words/agent references an 'agent': "set_user_agent"
-1/LOW crypto/tls tls
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW env/SHELL users preferred SHELL path
-1/LOW fs/file/delete deletes files
-1/LOW net/hostport/parse network address and service translation
-1/LOW net/http/auth makes HTTP requests with basic authentication
-1/LOW net/http/request makes HTTP requests
-1/LOW net/http_proxy able to find HTTP proxies
-1/LOW net/ip access the internet
-1/LOW net/socket/listen listen on a socket
-1/LOW net/socket/local/address get local address of connected socket
-1/LOW net/socket/peer/address get peer address of connected socket
-1/LOW net/socket/receive receive a message from a socket
-1/LOW net/socket/send send a message to a socket
-1/LOW process/thread_local_storage uses glibc thread local storage: "__tls_get_addr"
-1/LOW ref/words/password references a password: "Password
password"
-1/LOW secrets/private_key references private keys: "privateKey"

Deleted: freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.4.0

RISK KEY DESCRIPTION
-1/LOW net/socket/send send a message to a socket
-1/LOW ref/path/etc references paths within /etc: "/etc/winpr/"
-1/LOW secrets/private_key references private keys: "private_key"

Deleted: freerdp-3-libs/usr/lib/libfreerdp-client3.so.3.4.0

RISK KEY DESCRIPTION
meta lang c++
-2/MEDIUM fs/file/times/set change file timestamps
-2/MEDIUM fs/mounts/read parses active mounts (/etc/fstab, /etc/mtab)
-2/MEDIUM net/socks5 supports SOCK5 proxies
-2/MEDIUM procfs/mounts parses active mounts (/proc/mounts
-2/MEDIUM ref/words/agent references an 'agent': "sshagent"
-2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
-1/LOW encoding/base64 supports base64 encoded strings
-1/LOW net/http/request makes HTTP requests
-1/LOW net/ip access the internet
-1/LOW net/ipp/request makes IPP (Internet Printing Protocol) requests
-1/LOW net/oauth2 supports OAuth2
-1/LOW ref/path/usr/bin references paths within /usr/bin: "/usr/bin/rdp2tcp"
-1/LOW ref/site/url contains embedded HTTPS URLs:
https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=
https://matrix.to/
-1/LOW ref/words/password references a password: "Password
password"

Deleted: freerdp-3-libs/usr/lib/libwinpr-tools3.so.3.4.0

RISK KEY DESCRIPTION
-1/LOW ref/words/password references a password: "password"
-1/LOW secrets/private_key references private keys: "private_key"

Moved: freerdp-3-libs/usr/lib/libwinpr3.so.3.4.0 -> freerdp-3-libs/usr/lib/libwinpr3.so.3.5.0 (score: 0.985366)

Moved: freerdp-3-libs/usr/lib/libwinpr3.so.3.4.0 -> freerdp-3-libs/usr/lib/libwinpr-tools3.so.3.5.0 (score: 0.910638)

Previous Risk: 🔥 3/HIGH
New Risk: ✅ 1/LOW

RISK KEY DESCRIPTION
-3/HIGH procfs/pid/exe accesses underlying executable of other processes
-2/MEDIUM combo/net/scan_tool may scan networks: "connect
gethostbyname
port
socket
target"
-2/MEDIUM exec/program executes another program
-2/MEDIUM net/download downloads files
-2/MEDIUM net/http/post able to submit content via HTTP POST
-2/MEDIUM net/ip/parse parses IP address (IPv4 or IPv6)
-2/MEDIUM net/ip/string converts IP address from byte to string
-2/MEDIUM net/socket/connect initiate a connection on a socket
-2/MEDIUM procfs/arbitrary/pid access /proc for arbitrary pids: "/proc/%d/exe"
-2/MEDIUM ref/path/tmp references paths within /tmp: "/tmp/localhost.crt"
-2/MEDIUM ref/site/http/dynamic uRL that is dynamically generated: "https://%s/KdcProxy"
-2/MEDIUM ref/words/infected references being 'infected': "INFECTED"
-1/LOW dylib/address/check determine if address belongs to a shared library
-1/LOW dylib/symbol/address get the address of a symbol
-1/LOW env/HOME looks up the HOME directory for the current user
-1/LOW env/LANG looks up language of current user
-1/LOW env/TEMP tmpdir
-1/LOW env/TMPDIR tMPDIR
-1/LOW env/USER uSER
-1/LOW exec/program/background waits for a process to exit
-1/LOW fs/directory/create creates directories
-1/LOW fs/directory/remove uses libc functions to remove directories
-1/LOW fs/fifo/create make a FIFO special file (a named pipe)
-1/LOW fs/file/delete deletes files
-1/LOW fs/file/times/set change file timestamps with nanosecond precision
-1/LOW fs/file/truncate truncate a file to a specified length
-1/LOW fs/link/read read value of a symbolic link
-1/LOW fs/lock/update apply or remove an advisory lock on a file
-1/LOW fs/permission/modify modifies file permissions
-1/LOW fs/symlink/resolve resolves symbolic links
-1/LOW kernel/hostname/get gets the hostname of the machine
-1/LOW net/hostname/resolve resolves network hosts via name
-1/LOW net/hostport/parse network address and service translation
-1/LOW net/ip/resolve resolves network hosts via IP address
-1/LOW net/socket/listen listen on a socket
-1/LOW net/socket/local/address get local address of connected socket
-1/LOW net/socket/peer/address get peer address of connected socket
-1/LOW net/socket/receive receive a message from a socket
-1/LOW net/socket/send send a message to a socket
-1/LOW process/groupid/set set real and effective group ID of process
-1/LOW process/multithreaded uses pthreads
-1/LOW process/userid/set set real and effective user ID of current process
-1/LOW ref/path/etc references paths within /etc: "/etc/localtime
/etc/timezone
/etc/winpr/"
-1/LOW ref/path/var references paths within /var: "/var/run/freerds.instance"

Moved: freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.4.0 -> freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.5.0 (score: 0.988000)

Moved: freerdp-3-libs/usr/lib/libwinpr3.so.3.4.0 -> freerdp-3-libs/usr/lib/libfreerdp3.so.3.5.0 (score: 0.902326)

Previous Risk: 🔥 3/HIGH
New Risk: ✅ 2/MEDIUM

RISK KEY DESCRIPTION
-3/HIGH procfs/pid/exe accesses underlying executable of other processes
+2/MEDIUM combo/backdoor/crypto_listen_socks socks crypto listener: "SOCKS5
crypto
listen
socks5"
-2/MEDIUM combo/net/scan_tool may scan networks: "connect
gethostbyname
port
socket
target"
+2/MEDIUM combo/net/tunnel_proxy network tunnel proxy: "Proxy
SOCKS5
Tunnel
crypto
proxy
socket
tunnel"
-2/MEDIUM exec/program executes another program
-2/MEDIUM net/download downloads files
+2/MEDIUM net/http/cookies able to access HTTP resources using cookies
+2/MEDIUM net/http/form/upload upload content via HTTP form
+2/MEDIUM net/reuseport able to listen and dial from the same TCP/UDP port
+2/MEDIUM net/sniffer pcap user
-2/MEDIUM net/socket/connect initiate a connection on a socket
+2/MEDIUM net/socks5 supports SOCK5 proxies
+2/MEDIUM net/url/encode encodes URL, likely to pass GET variables
-2/MEDIUM procfs/arbitrary/pid access /proc for arbitrary pids: "/proc/%d/exe"
-2/MEDIUM ref/path/tmp references paths within /tmp: "/tmp/localhost.crt"
-2/MEDIUM ref/site/http/dynamic uRL that is dynamically generated: "https://%s/KdcProxy"
+2/MEDIUM ref/words/agent references an 'agent': "set_user_agent"
-2/MEDIUM ref/words/infected references being 'infected': "INFECTED"
+1/LOW crypto/tls tls
-1/LOW dylib/address/check determine if address belongs to a shared library
-1/LOW dylib/symbol/address get the address of a symbol
+1/LOW encoding/base64 supports base64 encoded strings
-1/LOW env/HOME looks up the HOME directory for the current user
-1/LOW env/LANG looks up language of current user
+1/LOW env/SHELL users preferred SHELL path
-1/LOW env/TEMP tmpdir
-1/LOW env/TMPDIR tMPDIR
-1/LOW env/USER uSER
-1/LOW exec/program/background waits for a process to exit
-1/LOW fs/directory/create creates directories
-1/LOW fs/directory/remove uses libc functions to remove directories
-1/LOW fs/fifo/create make a FIFO special file (a named pipe)
-1/LOW fs/file/times/set change file timestamps with nanosecond precision
-1/LOW fs/file/truncate truncate a file to a specified length
-1/LOW fs/link/read read value of a symbolic link
-1/LOW fs/lock/update apply or remove an advisory lock on a file
-1/LOW fs/permission/modify modifies file permissions
-1/LOW fs/symlink/resolve resolves symbolic links
-1/LOW kernel/hostname/get gets the hostname of the machine
-1/LOW net/hostname/resolve resolves network hosts via name
+1/LOW net/http/auth makes HTTP requests with basic authentication
+1/LOW net/http/request makes HTTP requests
+1/LOW net/http_proxy able to find HTTP proxies
+1/LOW net/ip access the internet
-1/LOW net/ip/resolve resolves network hosts via IP address
-1/LOW process/groupid/set set real and effective group ID of process
-1/LOW process/multithreaded uses pthreads
+1/LOW process/thread_local_storage uses glibc thread local storage: "__tls_get_addr"
-1/LOW process/userid/set set real and effective user ID of current process
-1/LOW ref/path/etc references paths within /etc: "/etc/localtime
/etc/timezone
/etc/winpr/"
-1/LOW ref/path/var references paths within /var: "/var/run/freerds.instance"

Moved: freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.4.0 -> freerdp-3-libs/usr/lib/libfreerdp-server-proxy3.so.3.5.0 (score: 0.925000)

RISK KEY DESCRIPTION
+2/MEDIUM data/embedded/pem/private_key contains RSA PRIVATE KEY directive
-2/MEDIUM exec/shell_echo uses the echo command to generate output: "echo server's OpenResult callback failed with error %u"
-2/MEDIUM fs/file/times/set change file timestamps
-2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
+2/MEDIUM ref/words/intercept references interception: "interceptContextMap
intercept_context_entry_free
intercepted"
+1/LOW data/embedded/pem/certificate contains embedded PEM certificate
+1/LOW encoding/base64 supports base64 encoded strings
+1/LOW net/socket/listen listen on a socket
+1/LOW net/socket/peer/address get peer address of connected socket
+1/LOW net/socket/send send a message to a socket
-1/LOW ref/site/url contains embedded HTTPS URLs: "https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://matrix.to/"

Moved: freerdp-3-libs/usr/lib/libfreerdp-shadow-subsystem3.so.3.4.0 -> freerdp-3-libs/usr/lib/libfreerdp-shadow-subsystem3.so.3.5.0 (score: 0.990000)

Moved: freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.4.0 -> freerdp-3-libs/usr/lib/libfreerdp-shadow3.so.3.5.0 (score: 0.928000)

Previous Risk: ✅ 2/MEDIUM
New Risk: ✅ 1/LOW

RISK KEY DESCRIPTION
-2/MEDIUM exec/shell_echo uses the echo command to generate output: "echo server's OpenResult callback failed with error %u"
-2/MEDIUM fs/file/times/set change file timestamps
-2/MEDIUM ref/words/c2 uses terms that may reference remote control abilities: "remote_control"
+1/LOW net/socket/send send a message to a socket
+1/LOW ref/path/etc references paths within /etc: "/etc/winpr/"
-1/LOW ref/site/url contains embedded HTTPS URLs: "https://github.com/FreeRDP/FreeRDP/issues
https://github.com/freerdp/freerdp
https://matrix.to/"
-1/LOW ref/words/password references a password: "password"
+1/LOW secrets/private_key references private keys: "private_key"

Moved: freerdp-3-libs/usr/lib/libfreerdp-server3.so.3.4.0 -> freerdp-3-libs/usr/lib/libfreerdp-client3.so.3.5.0 (score: 0.916000)

RISK KEY DESCRIPTION
-2/MEDIUM exec/shell_echo uses the echo command to generate output: "echo server's OpenResult callback failed with error %u"
+2/MEDIUM fs/mounts/read parses active mounts (/etc/fstab, /etc/mtab)
+2/MEDIUM net/socks5 supports SOCK5 proxies
+2/MEDIUM procfs/mounts parses active mounts (/proc/mounts
+2/MEDIUM ref/words/agent references an 'agent': "sshagent"
+1/LOW encoding/base64 supports base64 encoded strings
+1/LOW fs/mount mounts file systems
+1/LOW net/http/request makes HTTP requests
+1/LOW net/ip access the internet
+1/LOW net/ipp/request makes IPP (Internet Printing Protocol) requests
+1/LOW net/oauth2 supports OAuth2
+1/LOW ref/path/usr/bin references paths within /usr/bin: "/usr/bin/rdp2tcp"

@ajayk ajayk merged commit 7afbd79 into main Apr 16, 2024
8 checks passed
@ajayk ajayk deleted the wolfictl-c28acebe-71c2-42d0-a786-fe72fe3cb487 branch April 16, 2024 23:55
@philroche philroche mentioned this pull request Sep 5, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ajayk ajayk ajayk approved these changes

Assignees
No one assigned
Labels
automated pr request-version-update request for a newer version of a package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ajayk @wolfi-bot