Notewhorth changes:
- Backported #8252: Support sending server redirection PDU
- Backported #8406: Ensure X11 client cursor is never smaller 1x1
- Backported #8403: Fixed multiple client side input validation issues
(CVE-2022-39316, CVE-2022-39317, CVE-2022-39318, CVE-2022-39319,
CVE-2022-39320, CVE-2022-41877, CVE-2022-39347) - Backported #7282: Proxy server now discards input events sent before
activation was received - Backported #8324: Internal replacements for md4, md5 and hmac-md5
For the time being the RDP protocol requires these outdated hash
algorithms. So any distribution that wants to ship a working
FreeRDP should check the options WITH_INTERNAL_MD4 (and depending
on OpenSSL deprecation status WITH_INTERNAL_MD5)
Fixed issues:
- Backported #8341: Null checks in winpr_Digest_Free
- Backported #8335: Missing NULL return in winpr_Digest_New
- Backported #8192: Support for audin version 2 microphone channel
- Backported #7282: Discard input events before activation (Fixes #8374)
For a complete and detailed change log since the last release run:
git log 2.8.1..2.9.0
Thanks to "Team BT5 (BoB 11th)" for reporting the security issues.