1 # 2021-XX-YY Version 2.3.2
4 * Fixed autoreconnect printer backend loading
5 * Fixed compilation on older mac os versions < 10.14
6 * Fixed mouse pointer move with smart-sizing
9 * #6848: Invalid format string in smartcard trace
10 * #6846: Fixed static builds
12 For a complete and detailed change log since the last release run:
15 # 2021-03-01 Version 2.3.1
18 * This is a compatibility bugfix release readding some (deprecated)
20 * Also add some more EXPERIMENTAL warnings to CMake flags as some were not
22 * Fixed a memory leak in xfreerdp (mouse pointer updates)
23 * No longer activating some compile time debug options with -DWITH_DEBUG_ALL=ON
24 which might leak sensitive information.
25 * Added -DDEFINE_NO_DEPRECATED for developers to detect use of deprecated
28 For a complete and detailed change log since the last release run:
32 # 2021-02-24 Version 2.3.0
35 * CMake option WITH_PROXY_MODULES is currently experimental, do not use in
37 * The clipboard struct FILEDESCRIPTOR was replaced by FILEDESCRIPTORW with
38 proper data types. They are binary compatible and the former is kept for
39 compatibility but compilers will emit warnings.
42 * Websocket support for proxy connections
43 * Progressive codec improvements. Reduces graphical glitches against windows
45 * Fixed +glyph-cache, now working properly without disconnects
46 * Huge file support in clipboard
47 * XWayland support for xfreerdp (keyboard grabbing)
48 * Improved wlfreerdp (wayland client)
49 * Option to allow keyboard scancodes to be remapped manually
50 * Improved mouse wheel behaviour when scrolling
51 * Improved dynamic channel behaviour, more stable event detection
52 * New connection state PubSub notification: Clients can now monitor current
56 * #6626: Fixed parsing of FastGlyph order.
57 * #6624: Added support for xwayland keyboard grab
58 * #6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag
59 * #6428: Improve NLA error code logging.
60 * #6416: Http gateway message support
61 * #6753: List of pull requests to backport for stable-next
63 For a complete and detailed change log since the last release run:
67 # 2020-07-20 Version 2.2.0
70 * CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
73 * fix: memory leak in nsc
75 * some fixes and improvements
77 * use cmake to detect getlogin_r
78 * improve asan checks/detection
80 * new: support for heartbeats
81 * new: support for rail handshake ex flags
82 * fix: possible race condition with redirects
85 * #6263 Sound & mic - filter GSM codec for microphone redirection
86 * #6335: windows client title length
87 * #6370 - "Alternate Secondary Drawing Order UNKNOWN"
88 * #6298 - remoteapp with dialog is disconnecting when it loses focus
89 * #6299 - v2.1.2: Can't connect to Windows7
91 For a complete and detailed change log since the last release run:
95 # 2020-06-22 Version 2.1.2
98 * CVE-2020-4033 Out of bound read in RLEDECOMPRESS
99 * CVE-2020-4031 Use-After-Free in gdi_SelectObject
100 * CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order`
101 * CVE-2020-4030 OOB read in `TrioParse`
102 * CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet
103 * CVE-2020-11098 Out-of-bound read in glyph_cache_put
104 * CVE-2020-11097 OOB read in ntlm_av_pair_get
105 * CVE-2020-11095 Global OOB read in update_recv_primary_order
106 * CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order
107 * Gateway RPC fixes for windows
108 * Fixed resource fee race resulting in double free in USB redirection
109 * Fixed wayland client crashes
110 * Fixed X11 client mouse mapping issues (X11 mapping on/off)
111 * Some proxy related improvements (capture module)
112 * Code cleanup (use getlogin_r, ...)
114 For a complete and detailed change log since the last release candidate run:
118 # 2020-05-20 Version 2.1.1
121 * CVE: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
122 * CVE: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
123 * CVE: GHSL-2020-102 OOB Write in crypto_rsa_common
124 * Enforce synchronous legacy RDP encryption count (#6156)
125 * Fixed some leaks and crashes missed in 2.1.0
126 * Removed dynamic channel listener limits
127 * Lots of resource cleanup fixes (clang sanitizers)
128 * A couple of performance improvements
129 * Various small annoyances eliminated (typos, prefilled username for windows client, ...)
132 For a complete and detailed change log since the last release candidate run:
136 # 2020-05-05 Version 2.1.0
140 * fix multiple CVEs: CVE-2020-11039, CVE-2020-11038, CVE-2020-11043, CVE-2020-11040, CVE-2020-11041,
141 CVE-2020-11019, CVE-2020-11017, CVE-2020-11018
142 * fix multiple leak and crash issues (#6129, #6128, #6127, #6110, #6081, #6077)
144 Noteworthy features and improvements:
145 * Fixed sound issues (#6043)
146 * New expert command line options /tune and /tune-list to modify all client
147 settings in a generic way.
148 * Fixes for smartcard cache, this improves compatibility of smartcard devices
149 with newer smartcard channel.
150 * Shadow server can now be instructed to listen to multiple interfaces.
151 * Improved server certificate support (#6052)
152 * Various fixes for wayland client (fullscreen, mouse wheel, ...)
153 * Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
154 * USB redirection command line improvements (filter options)
155 * Various translation improvements for android and ios clients
157 For a complete and detailed change log since the last release candidate run:
161 # 2020-04-09 Version 2.0.0
165 * fix multiple CVEs: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526
166 * fix multiple other security related issues (#6005, #6006, #6007, #6008, #6009, #6010, #6011, #6012, #6013)
167 * sha256 is now used instead of sha1 to fingerprint certificates. This will
168 invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
169 new connection is established after the update
171 Noteworthy features and improvements:
173 * First version of the RDP proxy was added (#5372) - thanks to @kubistika
174 * Smartcard received some refactoring. Missing functions were added and input
175 validation was improved (#5884)
176 * A new option /cert that unifies all certificate related options (#5880)
177 The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
178 available but marked as deprecated
179 * Support for Remote Assistance Protocol Version 2 [MS-RA]
180 * The DirectFB client was removed because it was unmaintained
181 * Unified initialization of OrderSupport
182 * Fix for licensing against Windows Server 2003
183 * Font smoothing is now enabled per default
184 * Flatpack support was added
185 * Smart scaling for Wayland using libcairo was added (#5215)
186 * Unified update->BeginPaint and update->EndPaint
187 * An image scaling API for software drawing was added
188 * Rail was updated to the latest spec version 28.0
189 * Support for H.264 in the shadow server is now detected at runtime
190 * Add mask=<value> option for /gfx and /gfx-h264 (#5771)
191 * Code reformatting (#5667)
192 * A new option /timeout was added to adjust the TCP ACK timeout (#5987)
194 For a complete and detailed change log since the last release candidate run:
195 git log 2.0.0-rc4..2.0.0
198 # 2018-11-19 Version 2.0.0-rc4
200 FreeRDP 2.0.0-rc4 is the fifth release candidate for 2.0.0. Although it mainly
201 addresses security and stability there are some new features as well.
203 Noteworthy features and improvements:
205 * fix multiple reported CVEs (#5031)
206 * gateway: multiple fixes and improvements (#3600, #4787, #4902, #4964, #4947,
208 * client/X11: support for rail (remote app) icons was added (#5012)
209 * licensing: the licensing code was re-worked. Per-device licenses
210 are now saved on the client and used on re-connect.
211 WARNING: this is a change in FreeRDP behavior regarding licensing. If the old
212 behavior is required, or no licenses should be saved use the
213 new command line option +old-license (#4979)
214 * improve order handling - only orders that were enabled
215 during capability exchange are accepted (#4926).
216 WARNING and NOTE: some servers do improperly send orders that weren't negotiated,
217 for such cases the new command line option /relax-order-checks was added to
218 disable the strict order checking. If connecting to xrdp the options
219 /relax-order-checks *and* +glyph-cache are required.
220 * /smartcard has now support for substring filters (#4840)
221 for details see https://github.com/FreeRDP/FreeRDP/wiki/smartcard-logon
222 * add support to set tls security level (for openssl >= 1.1.0)
223 - default level is set to 1
224 - the new command line option /tls-seclevel:[LEVEL] allows to set
225 a different level if required
226 * add new command line option /smartcard-logon to allow
227 smartcard login (currently only with RDP security) (#4842)
228 * new command line option: /window-position to allow positioning
229 the window on startup (#5018)
230 * client/X11: set window title before mapping (#5023)
231 * rdpsnd/audin (mostly server side) add support for audio re-sampling using soxr or ffmpeg
232 * client/Android: add Japanese translation (#4906)
233 * client/Android: add Korean translation (#5029)
235 For a complete and detailed change log since the last release candidate run:
236 git log 2.0.0-rc3..2.0.0-rc4
239 # 2018-08-01 Version 2.0.0-rc3
241 FreeRDP 2.0.0-rc3 is the fourth release candidate for 2.0.0.
242 For a complete and detailed change log since the last release candidate run:
243 git log 2.0.0-rc2..2.0.0-rc3
245 Noteworthy features and improvements:
247 * Updated and improved sound and microphone redirection format support (AAC)
248 * Improved reliability of reconnect and redirection support
249 * Fixed memory leaks with +async-update
250 * Improved connection error reporting
251 * Improved gateway support (various fixes for HTTP and RDG)
252 * SOCKS proxy support (all clients)
253 * More reliable resolution switching with /dynamic-resolution (MS-RDPEVOR) (xfreerdp)
255 Fixed github issues (excerpt):
257 * #1924, #4132, #4511 Fixed redirection
258 * #4165 AAC and MP3 codec support for sound and microphone redirection
259 * #4222 Gateway connections prefer IP to hostname
260 * #4550 Fixed issues with +async-update
261 * #4634 Comment support in known_hosts file
262 * #4684 /drive and +drives don't work togehter
263 * #4735 Automatically reconnect if connection timed out waiting for user interaction
265 See https://github.com/FreeRDP/FreeRDP/milestone/9 for a complete list.
268 # 2017-11-28 Version 2.0.0-rc2
270 FreeRDP 2.0.0-rc2 is the third release candidate for 2.0.0.
271 For a complete and detailed change log since the last release candidate run:
272 git log 2.0.0-rc1..2.0.0-rc2
274 Noteworthy features and improvements:
276 * IMPORTANT: add support CredSSP v6 - this fixes KB4088776 see #4449, #4488
277 * basic support for the "Video Optimized Remoting Virtual Channel Extension" (MS-RDPEVOR) was added
278 * many smart card related fixes and cleanups #4312
280 * fix OpenSSL 1.1.0 detection on Windows
281 * fix IPv6 handling on Windows
282 * add support for memory and thread sanitizer
283 * support for dynamic resloution changes was added in xfreerdp #4313
284 * support for gateway access token (command line option /gat) was added
285 * initial support for travis-ci.org was added
286 * SSE optimization version of RGB to AVC444 frame split was added
287 * build: -msse2/-msse3 are not enabled globally anymore
289 Fixed github issues (excerpt):
291 * #4227 Convert settings->Password to binary blob
292 * #4231 freerdp-2.0.0_rc0: 5 tests failed out of 184 on ppc
293 * #4276 Big endian fixes
294 * #4291 xfreerdp “Segmentation fault” when connecting to freerdp-shadow-cli
295 * #4293 [X11] shadow server memory corruption with /monitors:2 #4293
296 * #4296 drive redirection - raise an error if the directory can't be founde
297 * #4306 Cannot connect to shadow server with NLA auth: SEC_E_OUT_OF_SEQUENCE
298 * #4447 Apple rpath namespace fixes
299 * #4457 Fix /size: /w: /h: with /monitors: (Fix custom sizes)
300 * #4527 pre-connection blob (pcb) support in .rdp files
301 * #4552 Fix Windows 10 cursors drawing as black
302 * smartcard related: #3521, #3431, #3474, #3488, #775, #1424
304 See https://github.com/FreeRDP/FreeRDP/milestone/8 for a complete list.
307 # 2017-11-28 Version 2.0.0-rc1
309 FreeRDP 2.0.0-rc1 is the second release candidate for 2.0.0.
310 For a complete and detailed change log since the last release candidate run:
311 git log 2.0.0-rc0..master
313 Noteworthy features and improvements:
315 * support for FIPS mode was added (option +fipsmode)
316 * initial client side kerberos support (run cmake with WITH_GSSAPI)
317 * support for ssh-agent redirection (as rdp channel)
318 * the man page(s) and /help were updated an improved
319 * build: support for GNU/kFreeBSD
320 * add support for ICU for unicode conversion (-DWITH_ICU=ON)
321 * client add option to force password prompt before connection (/from-stdin[:force])
322 * add Samsung DeX support
323 * extend /size to allow width or height percentages (#4146)
324 * add support for "password is pin"
325 * clipboard is now enabled per default (use -clipboard to disable)
327 Fixed github issues (excerpt):
329 * #4281: Added option to prefer IPv6 over IPv4
330 * #3890: Point to OpenSSL doc for private CA
331 * #3378: support 31 static channels as described in the spec
332 * #1536: fix clipboard on mac
333 * #4253: Rfx decode tile width.
334 * #3267: fix parsing of drivestoredirect
335 * #4257: Proper error checks for /kbd argument
336 * #4249: Corruption due to recursive parser
337 * #4111: 15bpp color handling for brush.
338 * #3509: Added Ctrl+Alt+Enter description
339 * #3211: Return freerdp error from main.
340 * #3513: add better description for drive redirection
341 * #4199: ConvertFindDataAToW string length
342 * #4135: client/x11: fix colors on big endian
343 * #4089: fix h264 context leak when DeleteSurface
344 * #4117: possible segfault
345 * #4091: fix a regression with remote program
347 See https://github.com/FreeRDP/FreeRDP/milestone/7 for a complete list.
350 2012-02-07 Version 1.0.1
352 FreeRDP 1.0.1 is a maintenance release to address a certain number of
353 issues found in 1.0.0. This release also brings corrective measures
354 to certificate validation which were required for inclusion in Ubuntu.
356 * Certificate Validation
357 * Improved validation logic and robustness
358 * Added validation of certificate name against hostname
360 * Token-based Server Redirection
361 * Fixed redirection logic
362 * HAProxy load-balancer support
365 * better event handling
366 * capture performance improvements
369 * Fix RemoteFX support
370 * Fix mingw64 compilation
373 * Fix severe TCP sending bug
374 * Added server-side Standard RDP security
376 2012-01-16 Version 1.0.0
380 FreeRDP 1.0 is the first release of FreeRDP under the Apache License 2.0.
381 The FreeRDP 1.x series is a rewrite, meaning there is no continuity with
382 the previous FreeRDP 0.x series which were released under GPLv2.
387 * Both encoder and decoder
388 * SSE2 and NEON optimization
391 * Working, minor glitches
392 * Multimedia Redirection
394 * Network Level Authentication (NLA)
396 * Certificate validation
397 * FIPS-compliant RDP security
398 * new build system (cmake)
399 * added official logo and icon
406 * both client and server
410 * bitmap decompression
411 * codec encoding/decoding
414 * libfreerdp-channels
415 * virtual channel management
416 * client and server side support
418 * extensively unit tested
419 * portable software GDI implementation
423 * shared utility library
427 * client/X11 (xfreerdp)
430 * X11 GDI implementation
431 * client/DirectFB (dfreerdp)
433 * software-based GDI (libfreerdp-gdi)
434 * client/Windows (wfreerdp)
435 * Native Win32 support
437 FreeRDP Servers (experimental):
439 * server/X11 (xfreerdp-server)
442 * highly experimental
443 * keyboard and mouse input supported
447 * cliprdr (Clipboard Redirection)
449 * drdynvc (Dynamic Virtual Channels)
450 * audin (Audio Input Redirection)
453 * tsmf (Multimedia Redirection)
457 * rdpdr (Device Redirection)
458 * disk (Disk Redirection)
459 * parallel (Parallel Port Redirection)
460 * serial (Serial Port Redirection)
461 * printer (Printer Redirection)
463 * smartcard (Smartcard Redirection)
464 * rdpsnd (Sound Redirection)