1 # 2021-02-05 Version 2.3.0
4 * CMake option WITH_PROXY_MODULES is currently experimental, do not use in
6 * The clipboard struct FILEDESCRIPTOR was replaced by FILEDESCRIPTORW with
7 proper data types. They are binary compatible and the former is kept for
8 compatibility but compilers will emit warnings.
11 * Progressive codec improvements. Reduces graphical glitches against windows
13 * Fixed +glyph-cache, now working properly without disconnects
14 * Huge file support in clipboard
15 * XWayland support for xfreerdp (keyboard grabbing)
16 * Improved wlfreerdp (wayland client)
17 * Option to allow keyboard scancodes to be remapped manually
20 * #6626: Fixed parsing of FastGlyph order.
21 * #6624: Added support for xwayland keyboard grab
22 * #6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag
23 * #6428: Improve NLA error code logging.
24 * #6416: Http gateway message support
25 * #6753: List of pull requests to backport for stable-next
27 For a complete and detailed change log since the last release run:
31 # 2020-07-20 Version 2.2.0
34 * CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
37 * fix: memory leak in nsc
39 * some fixes and improvements
41 * use cmake to detect getlogin_r
42 * improve asan checks/detection
44 * new: support for heartbeats
45 * new: support for rail handshake ex flags
46 * fix: possible race condition with redirects
49 * #6263 Sound & mic - filter GSM codec for microphone redirection
50 * #6335: windows client title length
51 * #6370 - "Alternate Secondary Drawing Order UNKNOWN"
52 * #6298 - remoteapp with dialog is disconnecting when it loses focus
53 * #6299 - v2.1.2: Can't connect to Windows7
55 For a complete and detailed change log since the last release run:
59 # 2020-06-22 Version 2.1.2
62 * CVE-2020-4033 Out of bound read in RLEDECOMPRESS
63 * CVE-2020-4031 Use-After-Free in gdi_SelectObject
64 * CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order`
65 * CVE-2020-4030 OOB read in `TrioParse`
66 * CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet
67 * CVE-2020-11098 Out-of-bound read in glyph_cache_put
68 * CVE-2020-11097 OOB read in ntlm_av_pair_get
69 * CVE-2020-11095 Global OOB read in update_recv_primary_order
70 * CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order
71 * Gateway RPC fixes for windows
72 * Fixed resource fee race resulting in double free in USB redirection
73 * Fixed wayland client crashes
74 * Fixed X11 client mouse mapping issues (X11 mapping on/off)
75 * Some proxy related improvements (capture module)
76 * Code cleanup (use getlogin_r, ...)
78 For a complete and detailed change log since the last release candidate run:
82 # 2020-05-20 Version 2.1.1
85 * CVE: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
86 * CVE: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
87 * CVE: GHSL-2020-102 OOB Write in crypto_rsa_common
88 * Enforce synchronous legacy RDP encryption count (#6156)
89 * Fixed some leaks and crashes missed in 2.1.0
90 * Removed dynamic channel listener limits
91 * Lots of resource cleanup fixes (clang sanitizers)
92 * A couple of performance improvements
93 * Various small annoyances eliminated (typos, prefilled username for windows client, ...)
96 For a complete and detailed change log since the last release candidate run:
100 # 2020-05-05 Version 2.1.0
104 * fix multiple CVEs: CVE-2020-11039, CVE-2020-11038, CVE-2020-11043, CVE-2020-11040, CVE-2020-11041,
105 CVE-2020-11019, CVE-2020-11017, CVE-2020-11018
106 * fix multiple leak and crash issues (#6129, #6128, #6127, #6110, #6081, #6077)
108 Noteworthy features and improvements:
109 * Fixed sound issues (#6043)
110 * New expert command line options /tune and /tune-list to modify all client
111 settings in a generic way.
112 * Fixes for smartcard cache, this improves compatibility of smartcard devices
113 with newer smartcard channel.
114 * Shadow server can now be instructed to listen to multiple interfaces.
115 * Improved server certificate support (#6052)
116 * Various fixes for wayland client (fullscreen, mouse wheel, ...)
117 * Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
118 * USB redirection command line improvements (filter options)
119 * Various translation improvements for android and ios clients
121 For a complete and detailed change log since the last release candidate run:
125 # 2020-04-09 Version 2.0.0
129 * fix multiple CVEs: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526
130 * fix multiple other security related issues (#6005, #6006, #6007, #6008, #6009, #6010, #6011, #6012, #6013)
131 * sha256 is now used instead of sha1 to fingerprint certificates. This will
132 invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
133 new connection is established after the update
135 Noteworthy features and improvements:
137 * First version of the RDP proxy was added (#5372) - thanks to @kubistika
138 * Smartcard received some refactoring. Missing functions were added and input
139 validation was improved (#5884)
140 * A new option /cert that unifies all certificate related options (#5880)
141 The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
142 available but marked as deprecated
143 * Support for Remote Assistance Protocol Version 2 [MS-RA]
144 * The DirectFB client was removed because it was unmaintained
145 * Unified initialization of OrderSupport
146 * Fix for licensing against Windows Server 2003
147 * Font smoothing is now enabled per default
148 * Flatpack support was added
149 * Smart scaling for Wayland using libcairo was added (#5215)
150 * Unified update->BeginPaint and update->EndPaint
151 * An image scaling API for software drawing was added
152 * Rail was updated to the latest spec version 28.0
153 * Support for H.264 in the shadow server is now detected at runtime
154 * Add mask=<value> option for /gfx and /gfx-h264 (#5771)
155 * Code reformatting (#5667)
156 * A new option /timeout was added to adjust the TCP ACK timeout (#5987)
158 For a complete and detailed change log since the last release candidate run:
159 git log 2.0.0-rc4..2.0.0
162 # 2018-11-19 Version 2.0.0-rc4
164 FreeRDP 2.0.0-rc4 is the fifth release candidate for 2.0.0. Although it mainly
165 addresses security and stability there are some new features as well.
167 Noteworthy features and improvements:
169 * fix multiple reported CVEs (#5031)
170 * gateway: multiple fixes and improvements (#3600, #4787, #4902, #4964, #4947,
172 * client/X11: support for rail (remote app) icons was added (#5012)
173 * licensing: the licensing code was re-worked. Per-device licenses
174 are now saved on the client and used on re-connect.
175 WARNING: this is a change in FreeRDP behavior regarding licensing. If the old
176 behavior is required, or no licenses should be saved use the
177 new command line option +old-license (#4979)
178 * improve order handling - only orders that were enabled
179 during capability exchange are accepted (#4926).
180 WARNING and NOTE: some servers do improperly send orders that weren't negotiated,
181 for such cases the new command line option /relax-order-checks was added to
182 disable the strict order checking. If connecting to xrdp the options
183 /relax-order-checks *and* +glyph-cache are required.
184 * /smartcard has now support for substring filters (#4840)
185 for details see https://github.com/FreeRDP/FreeRDP/wiki/smartcard-logon
186 * add support to set tls security level (for openssl >= 1.1.0)
187 - default level is set to 1
188 - the new command line option /tls-seclevel:[LEVEL] allows to set
189 a different level if required
190 * add new command line option /smartcard-logon to allow
191 smartcard login (currently only with RDP security) (#4842)
192 * new command line option: /window-position to allow positioning
193 the window on startup (#5018)
194 * client/X11: set window title before mapping (#5023)
195 * rdpsnd/audin (mostly server side) add support for audio re-sampling using soxr or ffmpeg
196 * client/Android: add Japanese translation (#4906)
197 * client/Android: add Korean translation (#5029)
199 For a complete and detailed change log since the last release candidate run:
200 git log 2.0.0-rc3..2.0.0-rc4
203 # 2018-08-01 Version 2.0.0-rc3
205 FreeRDP 2.0.0-rc3 is the fourth release candidate for 2.0.0.
206 For a complete and detailed change log since the last release candidate run:
207 git log 2.0.0-rc2..2.0.0-rc3
209 Noteworthy features and improvements:
211 * Updated and improved sound and microphone redirection format support (AAC)
212 * Improved reliability of reconnect and redirection support
213 * Fixed memory leaks with +async-update
214 * Improved connection error reporting
215 * Improved gateway support (various fixes for HTTP and RDG)
216 * SOCKS proxy support (all clients)
217 * More reliable resolution switching with /dynamic-resolution (MS-RDPEVOR) (xfreerdp)
219 Fixed github issues (excerpt):
221 * #1924, #4132, #4511 Fixed redirection
222 * #4165 AAC and MP3 codec support for sound and microphone redirection
223 * #4222 Gateway connections prefer IP to hostname
224 * #4550 Fixed issues with +async-update
225 * #4634 Comment support in known_hosts file
226 * #4684 /drive and +drives don't work togehter
227 * #4735 Automatically reconnect if connection timed out waiting for user interaction
229 See https://github.com/FreeRDP/FreeRDP/milestone/9 for a complete list.
232 # 2017-11-28 Version 2.0.0-rc2
234 FreeRDP 2.0.0-rc2 is the third release candidate for 2.0.0.
235 For a complete and detailed change log since the last release candidate run:
236 git log 2.0.0-rc1..2.0.0-rc2
238 Noteworthy features and improvements:
240 * IMPORTANT: add support CredSSP v6 - this fixes KB4088776 see #4449, #4488
241 * basic support for the "Video Optimized Remoting Virtual Channel Extension" (MS-RDPEVOR) was added
242 * many smart card related fixes and cleanups #4312
244 * fix OpenSSL 1.1.0 detection on Windows
245 * fix IPv6 handling on Windows
246 * add support for memory and thread sanitizer
247 * support for dynamic resloution changes was added in xfreerdp #4313
248 * support for gateway access token (command line option /gat) was added
249 * initial support for travis-ci.org was added
250 * SSE optimization version of RGB to AVC444 frame split was added
251 * build: -msse2/-msse3 are not enabled globally anymore
253 Fixed github issues (excerpt):
255 * #4227 Convert settings->Password to binary blob
256 * #4231 freerdp-2.0.0_rc0: 5 tests failed out of 184 on ppc
257 * #4276 Big endian fixes
258 * #4291 xfreerdp “Segmentation fault” when connecting to freerdp-shadow-cli
259 * #4293 [X11] shadow server memory corruption with /monitors:2 #4293
260 * #4296 drive redirection - raise an error if the directory can't be founde
261 * #4306 Cannot connect to shadow server with NLA auth: SEC_E_OUT_OF_SEQUENCE
262 * #4447 Apple rpath namespace fixes
263 * #4457 Fix /size: /w: /h: with /monitors: (Fix custom sizes)
264 * #4527 pre-connection blob (pcb) support in .rdp files
265 * #4552 Fix Windows 10 cursors drawing as black
266 * smartcard related: #3521, #3431, #3474, #3488, #775, #1424
268 See https://github.com/FreeRDP/FreeRDP/milestone/8 for a complete list.
271 # 2017-11-28 Version 2.0.0-rc1
273 FreeRDP 2.0.0-rc1 is the second release candidate for 2.0.0.
274 For a complete and detailed change log since the last release candidate run:
275 git log 2.0.0-rc0..master
277 Noteworthy features and improvements:
279 * support for FIPS mode was added (option +fipsmode)
280 * initial client side kerberos support (run cmake with WITH_GSSAPI)
281 * support for ssh-agent redirection (as rdp channel)
282 * the man page(s) and /help were updated an improved
283 * build: support for GNU/kFreeBSD
284 * add support for ICU for unicode conversion (-DWITH_ICU=ON)
285 * client add option to force password prompt before connection (/from-stdin[:force])
286 * add Samsung DeX support
287 * extend /size to allow width or height percentages (#4146)
288 * add support for "password is pin"
289 * clipboard is now enabled per default (use -clipboard to disable)
291 Fixed github issues (excerpt):
293 * #4281: Added option to prefer IPv6 over IPv4
294 * #3890: Point to OpenSSL doc for private CA
295 * #3378: support 31 static channels as described in the spec
296 * #1536: fix clipboard on mac
297 * #4253: Rfx decode tile width.
298 * #3267: fix parsing of drivestoredirect
299 * #4257: Proper error checks for /kbd argument
300 * #4249: Corruption due to recursive parser
301 * #4111: 15bpp color handling for brush.
302 * #3509: Added Ctrl+Alt+Enter description
303 * #3211: Return freerdp error from main.
304 * #3513: add better description for drive redirection
305 * #4199: ConvertFindDataAToW string length
306 * #4135: client/x11: fix colors on big endian
307 * #4089: fix h264 context leak when DeleteSurface
308 * #4117: possible segfault
309 * #4091: fix a regression with remote program
311 See https://github.com/FreeRDP/FreeRDP/milestone/7 for a complete list.
314 2012-02-07 Version 1.0.1
316 FreeRDP 1.0.1 is a maintenance release to address a certain number of
317 issues found in 1.0.0. This release also brings corrective measures
318 to certificate validation which were required for inclusion in Ubuntu.
320 * Certificate Validation
321 * Improved validation logic and robustness
322 * Added validation of certificate name against hostname
324 * Token-based Server Redirection
325 * Fixed redirection logic
326 * HAProxy load-balancer support
329 * better event handling
330 * capture performance improvements
333 * Fix RemoteFX support
334 * Fix mingw64 compilation
337 * Fix severe TCP sending bug
338 * Added server-side Standard RDP security
340 2012-01-16 Version 1.0.0
344 FreeRDP 1.0 is the first release of FreeRDP under the Apache License 2.0.
345 The FreeRDP 1.x series is a rewrite, meaning there is no continuity with
346 the previous FreeRDP 0.x series which were released under GPLv2.
351 * Both encoder and decoder
352 * SSE2 and NEON optimization
355 * Working, minor glitches
356 * Multimedia Redirection
358 * Network Level Authentication (NLA)
360 * Certificate validation
361 * FIPS-compliant RDP security
362 * new build system (cmake)
363 * added official logo and icon
370 * both client and server
374 * bitmap decompression
375 * codec encoding/decoding
378 * libfreerdp-channels
379 * virtual channel management
380 * client and server side support
382 * extensively unit tested
383 * portable software GDI implementation
387 * shared utility library
391 * client/X11 (xfreerdp)
394 * X11 GDI implementation
395 * client/DirectFB (dfreerdp)
397 * software-based GDI (libfreerdp-gdi)
398 * client/Windows (wfreerdp)
399 * Native Win32 support
401 FreeRDP Servers (experimental):
403 * server/X11 (xfreerdp-server)
406 * highly experimental
407 * keyboard and mouse input supported
411 * cliprdr (Clipboard Redirection)
413 * drdynvc (Dynamic Virtual Channels)
414 * audin (Audio Input Redirection)
417 * tsmf (Multimedia Redirection)
421 * rdpdr (Device Redirection)
422 * disk (Disk Redirection)
423 * parallel (Parallel Port Redirection)
424 * serial (Serial Port Redirection)
425 * printer (Printer Redirection)
427 * smartcard (Smartcard Redirection)
428 * rdpsnd (Sound Redirection)