From b2cbe2c1cc609b11d12ce585998a42d256ba18dc Mon Sep 17 00:00:00 2001 From: akallabeth Date: Tue, 16 Apr 2024 12:02:08 +0200 Subject: [PATCH] changelog --- ChangeLog | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/ChangeLog b/ChangeLog index b23f8d37b..ccba1116a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,38 @@ +# 2024-04-16 Version 3.5.0 + +This release focus is on squashing bugs. +The improved test coverage and ci builds revealed a number of previously +unnoticed issues we have addressed and we also got a report from +Evgeny Legerov of Kaspersky Lab identifying a number of out of bound reads +in decoder components and one very nasty out of bound write. + +CVE: +CVE-2024-32041 [Low[ OutOfBound Read in zgfx_decompress_segment +CVE-2024-32039 [Moderate] Integer overflow & OutOfBound Write in clear_decompress_residual_data +CVE-2024-32040 [Low] integer underflow in nsc_rle_decode +CVE-2024-32458 [Low] OutOfBound Read in planar_skip_plane_rle +CVE-2024-32459 [Low] OutOfBound Read in ncrush_decompress +CVE-2024-32460 [Low] OutOfBound Read in interleaved_decompress + +Noteworthy changes: +* location channel support #9981, #9984, #10065 +* bugfixes for report from Evgeny Legerov of Kaspersky Lab #10077 +* fuzzer tests from Evgeny Legerov of Kaspersky Lab #10078 +* bugfixes for coverty scanner #10066, #10068, #10069, #10070, #10075 +* clipboard and generic locking fixes #10076 +* split autoreconnect support from enabling it #10063 +* various nightly and workflow fixes #10064, #10058, #10062 +* always set wm-class to app_id #10051 +* refactored and simplified CMake #10046, #10047 +* fix relative mouse event sending #10010 +* improve and unify check for APIs used (POSIX, win32, mac, ...) #9995 +* fix termination for gateway connections #9985 +* fix drivestoredirect RDP file setting, ignore invalid #9989 +* drop IPP support #10038 + +For a complete and detailed change log since the last release run: +git log 3.5.0...3.4.0 + # 2024-03-14 Version 3.4.0 This release concentrates on improving test coverage and ci builds.