This update for freerdp2 fixes the following issues:
- CVE-2026-22855: heap-buffer-overflow in smartcard_unpack_set_attrib_call (bsc#1256721).
- CVE-2026-22857: heap-use-after-free in irp_thread_func (bsc#1256723).
- CVE-2026-23533: improper validation can lead to heap buffer overflow in
clear_decompress_residual_data
(bsc#1256943).
- CVE-2026-23732: improper validation can lead to heap buffer overflow in
Glyph_Alloc (bsc#1256945).
- CVE-2026-23883: use-after-free when
update_pointer_color and freerdp_image_copy_from_pointer_data fail
(bsc#1256946).
- CVE-2026-23884: use-after-free in
gdi_set_bounds (bsc#1256947).
- CVE-2026-24491: heap-use-after-free in video_timer (bsc#1257981).
- CVE-2026-24675: heap-use-after-free in urb_select_interface (bsc#1257982).
- CVE-2026-24676: heap-use-after-free in audio_format_compatible (bsc#1257983).
- CVE-2026-24679: heap-buffer-overflow in urb_select_interface (bsc#1257986).
- CVE-2026-24681: heap-use-after-free in urb_bulk_transfer_cb (bsc#1257988).
- CVE-2026-24682: heap-buffer-overflow in audio_formats_free (bsc#1257989).
- CVE-2026-24683: heap-use-after-free in ainput_send_input_event (bsc#1257990).
- CVE-2026-24684: heap-use-after-free in play_thread (bsc#1257991).