1 # 2021-03-15 Version 2.3.2
4 * Fixed autoreconnect printer backend loading
5 * Fixed compilation on older mac os versions < 10.14
6 * Fixed mouse pointer move with smart-sizing
7 * Added command line option to disable websocket gateway support
8 * Fixed drive hotplugging issues with windows
9 * Fixed smartcard issues on mac
12 * #6900: Transparency issues with aFreeRDP
13 * #6848: Invalid format string in smartcard trace
14 * #6846: Fixed static builds
15 * #6888: Crash due to missing bounds checks
16 * #6882: Use default sound devoce on mac
18 For a complete and detailed change log since the last release run:
21 # 2021-03-01 Version 2.3.1
24 * This is a compatibility bugfix release readding some (deprecated)
26 * Also add some more EXPERIMENTAL warnings to CMake flags as some were not
28 * Fixed a memory leak in xfreerdp (mouse pointer updates)
29 * No longer activating some compile time debug options with -DWITH_DEBUG_ALL=ON
30 which might leak sensitive information.
31 * Added -DDEFINE_NO_DEPRECATED for developers to detect use of deprecated
34 For a complete and detailed change log since the last release run:
38 # 2021-02-24 Version 2.3.0
41 * CMake option WITH_PROXY_MODULES is currently experimental, do not use in
43 * The clipboard struct FILEDESCRIPTOR was replaced by FILEDESCRIPTORW with
44 proper data types. They are binary compatible and the former is kept for
45 compatibility but compilers will emit warnings.
48 * Websocket support for proxy connections
49 * Progressive codec improvements. Reduces graphical glitches against windows
51 * Fixed +glyph-cache, now working properly without disconnects
52 * Huge file support in clipboard
53 * XWayland support for xfreerdp (keyboard grabbing)
54 * Improved wlfreerdp (wayland client)
55 * Option to allow keyboard scancodes to be remapped manually
56 * Improved mouse wheel behaviour when scrolling
57 * Improved dynamic channel behaviour, more stable event detection
58 * New connection state PubSub notification: Clients can now monitor current
62 * #6626: Fixed parsing of FastGlyph order.
63 * #6624: Added support for xwayland keyboard grab
64 * #6492: Added clipboard CB_HUGE_FILE_SUPPORT_ENABLED flag
65 * #6428: Improve NLA error code logging.
66 * #6416: Http gateway message support
67 * #6753: List of pull requests to backport for stable-next
69 For a complete and detailed change log since the last release run:
73 # 2020-07-20 Version 2.2.0
76 * CVE-2020-15103 - Integer overflow due to missing input sanitation in rdpegfx channel
79 * fix: memory leak in nsc
81 * some fixes and improvements
83 * use cmake to detect getlogin_r
84 * improve asan checks/detection
86 * new: support for heartbeats
87 * new: support for rail handshake ex flags
88 * fix: possible race condition with redirects
91 * #6263 Sound & mic - filter GSM codec for microphone redirection
92 * #6335: windows client title length
93 * #6370 - "Alternate Secondary Drawing Order UNKNOWN"
94 * #6298 - remoteapp with dialog is disconnecting when it loses focus
95 * #6299 - v2.1.2: Can't connect to Windows7
97 For a complete and detailed change log since the last release run:
101 # 2020-06-22 Version 2.1.2
104 * CVE-2020-4033 Out of bound read in RLEDECOMPRESS
105 * CVE-2020-4031 Use-After-Free in gdi_SelectObject
106 * CVE-2020-4032 Integer casting vulnerability in `update_recv_secondary_order`
107 * CVE-2020-4030 OOB read in `TrioParse`
108 * CVE-2020-11099 OOB Read in license_read_new_or_upgrade_license_packet
109 * CVE-2020-11098 Out-of-bound read in glyph_cache_put
110 * CVE-2020-11097 OOB read in ntlm_av_pair_get
111 * CVE-2020-11095 Global OOB read in update_recv_primary_order
112 * CVE-2020-11096 Global OOB read in update_read_cache_bitmap_v3_order
113 * Gateway RPC fixes for windows
114 * Fixed resource fee race resulting in double free in USB redirection
115 * Fixed wayland client crashes
116 * Fixed X11 client mouse mapping issues (X11 mapping on/off)
117 * Some proxy related improvements (capture module)
118 * Code cleanup (use getlogin_r, ...)
120 For a complete and detailed change log since the last release candidate run:
124 # 2020-05-20 Version 2.1.1
127 * CVE: GHSL-2020-100 OOB Read in ntlm_read_ChallengeMessage
128 * CVE: GHSL-2020-101 OOB Read in security_fips_decrypt due to uninitialized value
129 * CVE: GHSL-2020-102 OOB Write in crypto_rsa_common
130 * Enforce synchronous legacy RDP encryption count (#6156)
131 * Fixed some leaks and crashes missed in 2.1.0
132 * Removed dynamic channel listener limits
133 * Lots of resource cleanup fixes (clang sanitizers)
134 * A couple of performance improvements
135 * Various small annoyances eliminated (typos, prefilled username for windows client, ...)
138 For a complete and detailed change log since the last release candidate run:
142 # 2020-05-05 Version 2.1.0
146 * fix multiple CVEs: CVE-2020-11039, CVE-2020-11038, CVE-2020-11043, CVE-2020-11040, CVE-2020-11041,
147 CVE-2020-11019, CVE-2020-11017, CVE-2020-11018
148 * fix multiple leak and crash issues (#6129, #6128, #6127, #6110, #6081, #6077)
150 Noteworthy features and improvements:
151 * Fixed sound issues (#6043)
152 * New expert command line options /tune and /tune-list to modify all client
153 settings in a generic way.
154 * Fixes for smartcard cache, this improves compatibility of smartcard devices
155 with newer smartcard channel.
156 * Shadow server can now be instructed to listen to multiple interfaces.
157 * Improved server certificate support (#6052)
158 * Various fixes for wayland client (fullscreen, mouse wheel, ...)
159 * Fixed large mouse pointer support, now mouse pointers > 96x96 pixel are visible.
160 * USB redirection command line improvements (filter options)
161 * Various translation improvements for android and ios clients
163 For a complete and detailed change log since the last release candidate run:
167 # 2020-04-09 Version 2.0.0
171 * fix multiple CVEs: CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526
172 * fix multiple other security related issues (#6005, #6006, #6007, #6008, #6009, #6010, #6011, #6012, #6013)
173 * sha256 is now used instead of sha1 to fingerprint certificates. This will
174 invalidate all hosts in FreeRDP known_hosts2 file and causes a prompt if a
175 new connection is established after the update
177 Noteworthy features and improvements:
179 * First version of the RDP proxy was added (#5372) - thanks to @kubistika
180 * Smartcard received some refactoring. Missing functions were added and input
181 validation was improved (#5884)
182 * A new option /cert that unifies all certificate related options (#5880)
183 The old options (cert-ignore, cert-deny, cert-name, cert-tofu) are still
184 available but marked as deprecated
185 * Support for Remote Assistance Protocol Version 2 [MS-RA]
186 * The DirectFB client was removed because it was unmaintained
187 * Unified initialization of OrderSupport
188 * Fix for licensing against Windows Server 2003
189 * Font smoothing is now enabled per default
190 * Flatpack support was added
191 * Smart scaling for Wayland using libcairo was added (#5215)
192 * Unified update->BeginPaint and update->EndPaint
193 * An image scaling API for software drawing was added
194 * Rail was updated to the latest spec version 28.0
195 * Support for H.264 in the shadow server is now detected at runtime
196 * Add mask=<value> option for /gfx and /gfx-h264 (#5771)
197 * Code reformatting (#5667)
198 * A new option /timeout was added to adjust the TCP ACK timeout (#5987)
200 For a complete and detailed change log since the last release candidate run:
201 git log 2.0.0-rc4..2.0.0
204 # 2018-11-19 Version 2.0.0-rc4
206 FreeRDP 2.0.0-rc4 is the fifth release candidate for 2.0.0. Although it mainly
207 addresses security and stability there are some new features as well.
209 Noteworthy features and improvements:
211 * fix multiple reported CVEs (#5031)
212 * gateway: multiple fixes and improvements (#3600, #4787, #4902, #4964, #4947,
214 * client/X11: support for rail (remote app) icons was added (#5012)
215 * licensing: the licensing code was re-worked. Per-device licenses
216 are now saved on the client and used on re-connect.
217 WARNING: this is a change in FreeRDP behavior regarding licensing. If the old
218 behavior is required, or no licenses should be saved use the
219 new command line option +old-license (#4979)
220 * improve order handling - only orders that were enabled
221 during capability exchange are accepted (#4926).
222 WARNING and NOTE: some servers do improperly send orders that weren't negotiated,
223 for such cases the new command line option /relax-order-checks was added to
224 disable the strict order checking. If connecting to xrdp the options
225 /relax-order-checks *and* +glyph-cache are required.
226 * /smartcard has now support for substring filters (#4840)
227 for details see https://github.com/FreeRDP/FreeRDP/wiki/smartcard-logon
228 * add support to set tls security level (for openssl >= 1.1.0)
229 - default level is set to 1
230 - the new command line option /tls-seclevel:[LEVEL] allows to set
231 a different level if required
232 * add new command line option /smartcard-logon to allow
233 smartcard login (currently only with RDP security) (#4842)
234 * new command line option: /window-position to allow positioning
235 the window on startup (#5018)
236 * client/X11: set window title before mapping (#5023)
237 * rdpsnd/audin (mostly server side) add support for audio re-sampling using soxr or ffmpeg
238 * client/Android: add Japanese translation (#4906)
239 * client/Android: add Korean translation (#5029)
241 For a complete and detailed change log since the last release candidate run:
242 git log 2.0.0-rc3..2.0.0-rc4
245 # 2018-08-01 Version 2.0.0-rc3
247 FreeRDP 2.0.0-rc3 is the fourth release candidate for 2.0.0.
248 For a complete and detailed change log since the last release candidate run:
249 git log 2.0.0-rc2..2.0.0-rc3
251 Noteworthy features and improvements:
253 * Updated and improved sound and microphone redirection format support (AAC)
254 * Improved reliability of reconnect and redirection support
255 * Fixed memory leaks with +async-update
256 * Improved connection error reporting
257 * Improved gateway support (various fixes for HTTP and RDG)
258 * SOCKS proxy support (all clients)
259 * More reliable resolution switching with /dynamic-resolution (MS-RDPEVOR) (xfreerdp)
261 Fixed github issues (excerpt):
263 * #1924, #4132, #4511 Fixed redirection
264 * #4165 AAC and MP3 codec support for sound and microphone redirection
265 * #4222 Gateway connections prefer IP to hostname
266 * #4550 Fixed issues with +async-update
267 * #4634 Comment support in known_hosts file
268 * #4684 /drive and +drives don't work togehter
269 * #4735 Automatically reconnect if connection timed out waiting for user interaction
271 See https://github.com/FreeRDP/FreeRDP/milestone/9 for a complete list.
274 # 2017-11-28 Version 2.0.0-rc2
276 FreeRDP 2.0.0-rc2 is the third release candidate for 2.0.0.
277 For a complete and detailed change log since the last release candidate run:
278 git log 2.0.0-rc1..2.0.0-rc2
280 Noteworthy features and improvements:
282 * IMPORTANT: add support CredSSP v6 - this fixes KB4088776 see #4449, #4488
283 * basic support for the "Video Optimized Remoting Virtual Channel Extension" (MS-RDPEVOR) was added
284 * many smart card related fixes and cleanups #4312
286 * fix OpenSSL 1.1.0 detection on Windows
287 * fix IPv6 handling on Windows
288 * add support for memory and thread sanitizer
289 * support for dynamic resloution changes was added in xfreerdp #4313
290 * support for gateway access token (command line option /gat) was added
291 * initial support for travis-ci.org was added
292 * SSE optimization version of RGB to AVC444 frame split was added
293 * build: -msse2/-msse3 are not enabled globally anymore
295 Fixed github issues (excerpt):
297 * #4227 Convert settings->Password to binary blob
298 * #4231 freerdp-2.0.0_rc0: 5 tests failed out of 184 on ppc
299 * #4276 Big endian fixes
300 * #4291 xfreerdp “Segmentation fault” when connecting to freerdp-shadow-cli
301 * #4293 [X11] shadow server memory corruption with /monitors:2 #4293
302 * #4296 drive redirection - raise an error if the directory can't be founde
303 * #4306 Cannot connect to shadow server with NLA auth: SEC_E_OUT_OF_SEQUENCE
304 * #4447 Apple rpath namespace fixes
305 * #4457 Fix /size: /w: /h: with /monitors: (Fix custom sizes)
306 * #4527 pre-connection blob (pcb) support in .rdp files
307 * #4552 Fix Windows 10 cursors drawing as black
308 * smartcard related: #3521, #3431, #3474, #3488, #775, #1424
310 See https://github.com/FreeRDP/FreeRDP/milestone/8 for a complete list.
313 # 2017-11-28 Version 2.0.0-rc1
315 FreeRDP 2.0.0-rc1 is the second release candidate for 2.0.0.
316 For a complete and detailed change log since the last release candidate run:
317 git log 2.0.0-rc0..master
319 Noteworthy features and improvements:
321 * support for FIPS mode was added (option +fipsmode)
322 * initial client side kerberos support (run cmake with WITH_GSSAPI)
323 * support for ssh-agent redirection (as rdp channel)
324 * the man page(s) and /help were updated an improved
325 * build: support for GNU/kFreeBSD
326 * add support for ICU for unicode conversion (-DWITH_ICU=ON)
327 * client add option to force password prompt before connection (/from-stdin[:force])
328 * add Samsung DeX support
329 * extend /size to allow width or height percentages (#4146)
330 * add support for "password is pin"
331 * clipboard is now enabled per default (use -clipboard to disable)
333 Fixed github issues (excerpt):
335 * #4281: Added option to prefer IPv6 over IPv4
336 * #3890: Point to OpenSSL doc for private CA
337 * #3378: support 31 static channels as described in the spec
338 * #1536: fix clipboard on mac
339 * #4253: Rfx decode tile width.
340 * #3267: fix parsing of drivestoredirect
341 * #4257: Proper error checks for /kbd argument
342 * #4249: Corruption due to recursive parser
343 * #4111: 15bpp color handling for brush.
344 * #3509: Added Ctrl+Alt+Enter description
345 * #3211: Return freerdp error from main.
346 * #3513: add better description for drive redirection
347 * #4199: ConvertFindDataAToW string length
348 * #4135: client/x11: fix colors on big endian
349 * #4089: fix h264 context leak when DeleteSurface
350 * #4117: possible segfault
351 * #4091: fix a regression with remote program
353 See https://github.com/FreeRDP/FreeRDP/milestone/7 for a complete list.
356 2012-02-07 Version 1.0.1
358 FreeRDP 1.0.1 is a maintenance release to address a certain number of
359 issues found in 1.0.0. This release also brings corrective measures
360 to certificate validation which were required for inclusion in Ubuntu.
362 * Certificate Validation
363 * Improved validation logic and robustness
364 * Added validation of certificate name against hostname
366 * Token-based Server Redirection
367 * Fixed redirection logic
368 * HAProxy load-balancer support
371 * better event handling
372 * capture performance improvements
375 * Fix RemoteFX support
376 * Fix mingw64 compilation
379 * Fix severe TCP sending bug
380 * Added server-side Standard RDP security
382 2012-01-16 Version 1.0.0
386 FreeRDP 1.0 is the first release of FreeRDP under the Apache License 2.0.
387 The FreeRDP 1.x series is a rewrite, meaning there is no continuity with
388 the previous FreeRDP 0.x series which were released under GPLv2.
393 * Both encoder and decoder
394 * SSE2 and NEON optimization
397 * Working, minor glitches
398 * Multimedia Redirection
400 * Network Level Authentication (NLA)
402 * Certificate validation
403 * FIPS-compliant RDP security
404 * new build system (cmake)
405 * added official logo and icon
412 * both client and server
416 * bitmap decompression
417 * codec encoding/decoding
420 * libfreerdp-channels
421 * virtual channel management
422 * client and server side support
424 * extensively unit tested
425 * portable software GDI implementation
429 * shared utility library
433 * client/X11 (xfreerdp)
436 * X11 GDI implementation
437 * client/DirectFB (dfreerdp)
439 * software-based GDI (libfreerdp-gdi)
440 * client/Windows (wfreerdp)
441 * Native Win32 support
443 FreeRDP Servers (experimental):
445 * server/X11 (xfreerdp-server)
448 * highly experimental
449 * keyboard and mouse input supported
453 * cliprdr (Clipboard Redirection)
455 * drdynvc (Dynamic Virtual Channels)
456 * audin (Audio Input Redirection)
459 * tsmf (Multimedia Redirection)
463 * rdpdr (Device Redirection)
464 * disk (Disk Redirection)
465 * parallel (Parallel Port Redirection)
466 * serial (Serial Port Redirection)
467 * printer (Printer Redirection)
469 * smartcard (Smartcard Redirection)
470 * rdpsnd (Sound Redirection)