This update for freerdp fixes the following issues:
- CVE-2025-4478: Fixed initialization of function pointers after
resource allocations (bsc#1243109)
- CVE-2026-22851: Fixed RDPGFX ResetGraphics race leading to
use-after-free in SDL client (sdl->primary) (bsc#1256717)
- CVE-2026-22852: Fixed heap-buffer-overflow in audin_process_formats
(bsc#1256718)
- CVE-2026-22853: Fixed heap-buffer-overflow in ndr_read_uint8Array
(bsc#1256719)
- CVE-2026-22854: Fixed heap-buffer-overflow in drive_process_irp_read
(bsc#1256720)
- CVE-2026-22855: Fixed heap-buffer-overflow in smartcard_unpack_set_attrib_call
(bsc#1256721)
- CVE-2026-22856: Fixed heap-use-after-free in create_irp_thread (bsc#1256722)
- CVE-2026-22857: Fixed heap-use-after-free in irp_thread_func (bsc#1256723)
- CVE-2026-22858: Fixed global-buffer-overflow in crypto_base64_decode
(bsc#1256724)
- CVE-2026-22859: Fixed heap-buffer-overflow in urb_select_configuration
(bsc#1256725)
- CVE-2026-23530: Fixed improper validation leading to heap buffer overflow in
planar_decompress_plane_rle (bsc#1256940)
- CVE-2026-23531: Fixed improper validation in clear_decompress leading to
heap buffer overflow (bsc#1256941)
- CVE-2026-23532: Fixed mismatch between destination rectangle clamping and
the actual copy size leading to heap buffer overflow in
gdi_SurfaceToSurface (bsc#1256942)
- CVE-2026-23533: Fixed improper validation leading to heap buffer overflow in
clear_decompress_residual_data (bsc#1256943)
- CVE-2026-23534: Fixed missing checks leading to heap buffer overflow in
clear_decompress_bands_data (bsc#1256944)
- CVE-2026-23732: Fixed improper validation leading to heap buffer overflow in
Glyph_alloc (bsc#1256945)
- CVE-2026-23883: Fixed use-after-free when update_pointer_color and
freerdp_image_copy_fromPointer_data fail (bsc#1256946)
- CVE-2026-23884: Fixed use-after-free in gdi_set_bounds (bsc#1256947)