9 changed files with 124 additions and 980 deletions
--- a/SOURCES/Revert-Moved-clipboard-utils-to-core-library-fixes-6.patch
+++ b/SOURCES/Revert-Moved-clipboard-utils-to-core-library-fixes-6.patch
@ -1,560 +0,0 @@
-From a441e68fccc8ef137c9e8e667fed6adaab34ba37 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Tue, 1 Oct 2024 15:43:07 +0200
-Subject: [PATCH] Revert "Moved clipboard utils to core library, fixes #6760
- (#7752)"
-
-This reverts commit 26a83e6ccde272c1bbc2b2591325dc7a493811bc.
---
- channels/cliprdr/client/cliprdr_format.c | 195 +++++++++++++++++++
- include/freerdp/channels/cliprdr.h       |  12 +-
- include/freerdp/utils/cliprdr_utils.h    |  48 -----
- libfreerdp/utils/CMakeLists.txt          |   1 -
- libfreerdp/utils/cliprdr_utils.c         | 235 -----------------------
- 5 files changed, 206 insertions(+), 285 deletions(-)
- delete mode 100644 include/freerdp/utils/cliprdr_utils.h
- delete mode 100644 libfreerdp/utils/cliprdr_utils.c
-
-diff --git a/channels/cliprdr/client/cliprdr_format.c b/channels/cliprdr/client/cliprdr_format.c
-index 0b6111b96..4c31a1b08 100644
--- a/channels/cliprdr/client/cliprdr_format.c
-+++ b/channels/cliprdr/client/cliprdr_format.c
-@@ -173,3 +173,198 @@ UINT cliprdr_process_format_data_response(cliprdrPlugin* cliprdr, wStream* s, UI
- 
- 	return error;
- }
-+
-+static UINT64 filetime_to_uint64(FILETIME value)
-+{
-+	UINT64 converted = 0;
-+	converted |= (UINT32)value.dwHighDateTime;
-+	converted <<= 32;
-+	converted |= (UINT32)value.dwLowDateTime;
-+	return converted;
-+}
-+
-+static FILETIME uint64_to_filetime(UINT64 value)
-+{
-+	FILETIME converted;
-+	converted.dwLowDateTime = (UINT32)(value >> 0);
-+	converted.dwHighDateTime = (UINT32)(value >> 32);
-+	return converted;
-+}
-+
-+#define CLIPRDR_FILEDESCRIPTOR_SIZE (4 + 32 + 4 + 16 + 8 + 8 + 520)
-+
-+/**
-+ * Parse a packed file list.
-+ *
-+ * The resulting array must be freed with the `free()` function.
-+ *
-+ * @param [in]  format_data            packed `CLIPRDR_FILELIST` to parse.
-+ * @param [in]  format_data_length     length of `format_data` in bytes.
-+ * @param [out] file_descriptor_array  parsed array of `FILEDESCRIPTOR` structs.
-+ * @param [out] file_descriptor_count  number of elements in `file_descriptor_array`.
-+ *
-+ * @returns 0 on success, otherwise a Win32 error code.
-+ */
-+UINT cliprdr_parse_file_list(const BYTE* format_data, UINT32 format_data_length,
-+                             FILEDESCRIPTORW** file_descriptor_array, UINT32* file_descriptor_count)
-+{
-+	UINT result = NO_ERROR;
-+	UINT32 i;
-+	UINT32 count = 0;
-+	wStream* s = NULL;
-+
-+	if (!format_data || !file_descriptor_array || !file_descriptor_count)
-+		return ERROR_BAD_ARGUMENTS;
-+
-+	s = Stream_New((BYTE*)format_data, format_data_length);
-+	if (!s)
-+		return ERROR_NOT_ENOUGH_MEMORY;
-+
-+	if (Stream_GetRemainingLength(s) < 4)
-+	{
-+		WLog_ERR(TAG, "invalid packed file list");
-+
-+		result = ERROR_INCORRECT_SIZE;
-+		goto out;
-+	}
-+
-+	Stream_Read_UINT32(s, count); /* cItems (4 bytes) */
-+
-+	if (Stream_GetRemainingLength(s) / CLIPRDR_FILEDESCRIPTOR_SIZE < count)
-+	{
-+		WLog_ERR(TAG, "packed file list is too short: expected %" PRIuz ", have %" PRIuz,
-+		         ((size_t)count) * CLIPRDR_FILEDESCRIPTOR_SIZE, Stream_GetRemainingLength(s));
-+
-+		result = ERROR_INCORRECT_SIZE;
-+		goto out;
-+	}
-+
-+	*file_descriptor_count = count;
-+	*file_descriptor_array = calloc(count, sizeof(FILEDESCRIPTORW));
-+	if (!*file_descriptor_array)
-+	{
-+		result = ERROR_NOT_ENOUGH_MEMORY;
-+		goto out;
-+	}
-+
-+	for (i = 0; i < count; i++)
-+	{
-+		int c;
-+		UINT64 lastWriteTime;
-+		FILEDESCRIPTORW* file = &((*file_descriptor_array)[i]);
-+
-+		Stream_Read_UINT32(s, file->dwFlags);          /* flags (4 bytes) */
-+		Stream_Seek(s, 32);                            /* reserved1 (32 bytes) */
-+		Stream_Read_UINT32(s, file->dwFileAttributes); /* fileAttributes (4 bytes) */
-+		Stream_Seek(s, 16);                            /* reserved2 (16 bytes) */
-+		Stream_Read_UINT64(s, lastWriteTime);          /* lastWriteTime (8 bytes) */
-+		file->ftLastWriteTime = uint64_to_filetime(lastWriteTime);
-+		Stream_Read_UINT32(s, file->nFileSizeHigh); /* fileSizeHigh (4 bytes) */
-+		Stream_Read_UINT32(s, file->nFileSizeLow);  /* fileSizeLow (4 bytes) */
-+		for (c = 0; c < 260; c++)                   /* cFileName (520 bytes) */
-+			Stream_Read_UINT16(s, file->cFileName[c]);
-+	}
-+
-+	if (Stream_GetRemainingLength(s) > 0)
-+		WLog_WARN(TAG, "packed file list has %" PRIuz " excess bytes",
-+		          Stream_GetRemainingLength(s));
-+out:
-+	Stream_Free(s, FALSE);
-+
-+	return result;
-+}
-+
-+#define CLIPRDR_MAX_FILE_SIZE (2U * 1024 * 1024 * 1024)
-+
-+/**
-+ * Serialize a packed file list.
-+ *
-+ * The resulting format data must be freed with the `free()` function.
-+ *
-+ * @param [in]  file_descriptor_array  array of `FILEDESCRIPTOR` structs to serialize.
-+ * @param [in]  file_descriptor_count  number of elements in `file_descriptor_array`.
-+ * @param [out] format_data            serialized CLIPRDR_FILELIST.
-+ * @param [out] format_data_length     length of `format_data` in bytes.
-+ *
-+ * @returns 0 on success, otherwise a Win32 error code.
-+ */
-+UINT cliprdr_serialize_file_list(const FILEDESCRIPTORW* file_descriptor_array,
-+                                 UINT32 file_descriptor_count, BYTE** format_data,
-+                                 UINT32* format_data_length)
-+{
-+	return cliprdr_serialize_file_list_ex(CB_STREAM_FILECLIP_ENABLED, file_descriptor_array,
-+	                                      file_descriptor_count, format_data, format_data_length);
-+}
-+
-+UINT cliprdr_serialize_file_list_ex(UINT32 flags, const FILEDESCRIPTORW* file_descriptor_array,
-+                                    UINT32 file_descriptor_count, BYTE** format_data,
-+                                    UINT32* format_data_length)
-+{
-+	UINT result = NO_ERROR;
-+	UINT32 i;
-+	wStream* s = NULL;
-+
-+	if (!file_descriptor_array || !format_data || !format_data_length)
-+		return ERROR_BAD_ARGUMENTS;
-+
-+	if ((flags & CB_STREAM_FILECLIP_ENABLED) == 0)
-+	{
-+		WLog_WARN(TAG, "No file clipboard support annouonced!");
-+		return ERROR_BAD_ARGUMENTS;
-+	}
-+
-+	s = Stream_New(NULL, 4 + file_descriptor_count * CLIPRDR_FILEDESCRIPTOR_SIZE);
-+	if (!s)
-+		return ERROR_NOT_ENOUGH_MEMORY;
-+
-+	Stream_Write_UINT32(s, file_descriptor_count); /* cItems (4 bytes) */
-+
-+	for (i = 0; i < file_descriptor_count; i++)
-+	{
-+		int c;
-+		UINT64 lastWriteTime;
-+		const FILEDESCRIPTORW* file = &file_descriptor_array[i];
-+
-+		/*
-+		 * There is a known issue with Windows server getting stuck in
-+		 * an infinite loop when downloading files that are larger than
-+		 * 2 gigabytes. Do not allow clients to send such file lists.
-+		 *
-+		 * https://support.microsoft.com/en-us/help/2258090
-+		 */
-+		if ((flags & CB_HUGE_FILE_SUPPORT_ENABLED) == 0)
-+		{
-+			if ((file->nFileSizeHigh > 0) || (file->nFileSizeLow >= CLIPRDR_MAX_FILE_SIZE))
-+			{
-+				WLog_ERR(TAG, "cliprdr does not support files over 2 GB");
-+				result = ERROR_FILE_TOO_LARGE;
-+				goto error;
-+			}
-+		}
-+
-+		Stream_Write_UINT32(s, file->dwFlags);          /* flags (4 bytes) */
-+		Stream_Zero(s, 32);                             /* reserved1 (32 bytes) */
-+		Stream_Write_UINT32(s, file->dwFileAttributes); /* fileAttributes (4 bytes) */
-+		Stream_Zero(s, 16);                             /* reserved2 (16 bytes) */
-+		lastWriteTime = filetime_to_uint64(file->ftLastWriteTime);
-+		Stream_Write_UINT64(s, lastWriteTime);       /* lastWriteTime (8 bytes) */
-+		Stream_Write_UINT32(s, file->nFileSizeHigh); /* fileSizeHigh (4 bytes) */
-+		Stream_Write_UINT32(s, file->nFileSizeLow);  /* fileSizeLow (4 bytes) */
-+		for (c = 0; c < 260; c++)                    /* cFileName (520 bytes) */
-+			Stream_Write_UINT16(s, file->cFileName[c]);
-+	}
-+
-+	Stream_SealLength(s);
-+
-+	Stream_GetBuffer(s, *format_data);
-+	Stream_GetLength(s, *format_data_length);
-+
-+	Stream_Free(s, FALSE);
-+
-+	return result;
-+
-+error:
-+	Stream_Free(s, TRUE);
-+
-+	return result;
-+}
-diff --git a/include/freerdp/channels/cliprdr.h b/include/freerdp/channels/cliprdr.h
-index fbf23f6e5..86fc65890 100644
--- a/include/freerdp/channels/cliprdr.h
-+++ b/include/freerdp/channels/cliprdr.h
-@@ -22,7 +22,6 @@
- 
- #include <freerdp/api.h>
- #include <freerdp/types.h>
-#include <freerdp/utils/cliprdr_utils.h>
- 
- #include <winpr/shell.h>
- 
-@@ -94,6 +93,17 @@ extern "C"
- {
- #endif
- 
-+	FREERDP_API UINT cliprdr_parse_file_list(const BYTE* format_data, UINT32 format_data_length,
-+	                                         FILEDESCRIPTORW** file_descriptor_array,
-+	                                         UINT32* file_descriptor_count);
-+	FREERDP_API UINT cliprdr_serialize_file_list(const FILEDESCRIPTORW* file_descriptor_array,
-+	                                             UINT32 file_descriptor_count, BYTE** format_data,
-+	                                             UINT32* format_data_length);
-+	FREERDP_API UINT cliprdr_serialize_file_list_ex(UINT32 flags,
-+	                                                const FILEDESCRIPTORW* file_descriptor_array,
-+	                                                UINT32 file_descriptor_count,
-+	                                                BYTE** format_data, UINT32* format_data_length);
-+
- #ifdef __cplusplus
- }
- #endif
-diff --git a/include/freerdp/utils/cliprdr_utils.h b/include/freerdp/utils/cliprdr_utils.h
-deleted file mode 100644
-index 59ecf848f..000000000
--- a/include/freerdp/utils/cliprdr_utils.h
-+++ /dev/null
-@@ -1,48 +0,0 @@
-/**
- * FreeRDP: A Remote Desktop Protocol Implementation
- * RDPDR utility functions
- *
- * Copyright 2022 Armin Novak <armin.novak@thincast.com>
- * Copyright 2022 Thincast Technologies GmbH
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef FREERDP_UTILS_CLIPRDR_H
-#define FREERDP_UTILS_CLIPRDR_H
-
-#include <winpr/wtypes.h>
-#include <winpr/shell.h>
-#include <freerdp/api.h>
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-
-	FREERDP_API UINT cliprdr_parse_file_list(const BYTE* format_data, UINT32 format_data_length,
-	                                         FILEDESCRIPTORW** file_descriptor_array,
-	                                         UINT32* file_descriptor_count);
-	FREERDP_API UINT cliprdr_serialize_file_list(const FILEDESCRIPTORW* file_descriptor_array,
-	                                             UINT32 file_descriptor_count, BYTE** format_data,
-	                                             UINT32* format_data_length);
-	FREERDP_API UINT cliprdr_serialize_file_list_ex(UINT32 flags,
-	                                                const FILEDESCRIPTORW* file_descriptor_array,
-	                                                UINT32 file_descriptor_count,
-	                                                BYTE** format_data, UINT32* format_data_length);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-diff --git a/libfreerdp/utils/CMakeLists.txt b/libfreerdp/utils/CMakeLists.txt
-index 2ec561d33..7bff6736a 100644
--- a/libfreerdp/utils/CMakeLists.txt
-+++ b/libfreerdp/utils/CMakeLists.txt
-@@ -20,7 +20,6 @@ set(MODULE_PREFIX "FREERDP_UTILS")
- 
- set(${MODULE_PREFIX}_SRCS
- 	passphrase.c
-	cliprdr_utils.c
- 	pcap.c
- 	profiler.c
- 	ringbuffer.c
-diff --git a/libfreerdp/utils/cliprdr_utils.c b/libfreerdp/utils/cliprdr_utils.c
-deleted file mode 100644
-index 7fb99d63a..000000000
--- a/libfreerdp/utils/cliprdr_utils.c
-+++ /dev/null
-@@ -1,235 +0,0 @@
-/**
- * FreeRDP: A Remote Desktop Protocol Implementation
- * Clipboard Virtual Channel Extension
- *
- * Copyright 2013 Marc-Andre Moreau <marcandre.moreau@gmail.com>
- * Copyright 2022 Armin Novak <anovak@thincast.com
- * Copyright 2022 Thincast Technologies GmbH
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *	 http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <winpr/stream.h>
-#include <freerdp/utils/cliprdr_utils.h>
-#include <freerdp/channels/cliprdr.h>
-
-#include <freerdp/log.h>
-#define TAG FREERDP_TAG("utils." CLIPRDR_SVC_CHANNEL_NAME)
-
-#define CLIPRDR_FILEDESCRIPTOR_SIZE (4 + 32 + 4 + 16 + 8 + 8 + 520)
-#define CLIPRDR_MAX_FILE_SIZE (2U * 1024 * 1024 * 1024)
-
-static UINT64 filetime_to_uint64(FILETIME value)
-{
-	UINT64 converted = 0;
-	converted |= (UINT32)value.dwHighDateTime;
-	converted <<= 32;
-	converted |= (UINT32)value.dwLowDateTime;
-	return converted;
-}
-
-static FILETIME uint64_to_filetime(UINT64 value)
-{
-	FILETIME converted;
-	converted.dwLowDateTime = (UINT32)(value >> 0);
-	converted.dwHighDateTime = (UINT32)(value >> 32);
-	return converted;
-}
-
-/**
- * Parse a packed file list.
- *
- * The resulting array must be freed with the `free()` function.
- *
- * @param [in]  format_data            packed `CLIPRDR_FILELIST` to parse.
- * @param [in]  format_data_length     length of `format_data` in bytes.
- * @param [out] file_descriptor_array  parsed array of `FILEDESCRIPTOR` structs.
- * @param [out] file_descriptor_count  number of elements in `file_descriptor_array`.
- *
- * @returns 0 on success, otherwise a Win32 error code.
- */
-UINT cliprdr_parse_file_list(const BYTE* format_data, UINT32 format_data_length,
-                             FILEDESCRIPTORW** file_descriptor_array, UINT32* file_descriptor_count)
-{
-	UINT result = NO_ERROR;
-	UINT32 i;
-	UINT32 count = 0;
-	wStream sbuffer;
-	wStream* s = &sbuffer;
-
-	if (!format_data || !file_descriptor_array || !file_descriptor_count)
-		return ERROR_BAD_ARGUMENTS;
-
-	Stream_StaticInit(&sbuffer, format_data, format_data_length);
-	if (!s)
-		return ERROR_NOT_ENOUGH_MEMORY;
-
-	if (Stream_GetRemainingLength(s) < 4)
-	{
-		WLog_ERR(TAG, "invalid packed file list");
-
-		result = ERROR_INCORRECT_SIZE;
-		goto out;
-	}
-
-	Stream_Read_UINT32(s, count); /* cItems (4 bytes) */
-
-	if (Stream_GetRemainingLength(s) / CLIPRDR_FILEDESCRIPTOR_SIZE < count)
-	{
-		WLog_ERR(TAG, "packed file list is too short: expected %" PRIuz ", have %" PRIuz,
-		         ((size_t)count) * CLIPRDR_FILEDESCRIPTOR_SIZE, Stream_GetRemainingLength(s));
-
-		result = ERROR_INCORRECT_SIZE;
-		goto out;
-	}
-
-	*file_descriptor_count = count;
-	*file_descriptor_array = calloc(count, sizeof(FILEDESCRIPTORW));
-	if (!*file_descriptor_array)
-	{
-		result = ERROR_NOT_ENOUGH_MEMORY;
-		goto out;
-	}
-
-	for (i = 0; i < count; i++)
-	{
-		UINT64 tmp;
-		FILEDESCRIPTORW* file = &((*file_descriptor_array)[i]);
-
-		Stream_Read_UINT32(s, file->dwFlags);          /* flags (4 bytes) */
-		Stream_Read_UINT32(s, file->clsid.Data1);
-		Stream_Read_UINT16(s, file->clsid.Data2);
-		Stream_Read_UINT16(s, file->clsid.Data3);
-		Stream_Read(s, &file->clsid.Data4, sizeof(file->clsid.Data4));
-		Stream_Read_INT32(s, file->sizel.cx);
-		Stream_Read_INT32(s, file->sizel.cy);
-		Stream_Read_INT32(s, file->pointl.x);
-		Stream_Read_INT32(s, file->pointl.y);
-		Stream_Read_UINT32(s, file->dwFileAttributes); /* fileAttributes (4 bytes) */
-		Stream_Read_UINT64(s, tmp);                    /* ftCreationTime (8 bytes) */
-		file->ftCreationTime = uint64_to_filetime(tmp);
-		Stream_Read_UINT64(s, tmp); /* ftLastAccessTime (8 bytes) */
-		file->ftLastAccessTime = uint64_to_filetime(tmp);
-		Stream_Read_UINT64(s, tmp); /* lastWriteTime (8 bytes) */
-		file->ftLastWriteTime = uint64_to_filetime(tmp);
-		Stream_Read_UINT32(s, file->nFileSizeHigh); /* fileSizeHigh (4 bytes) */
-		Stream_Read_UINT32(s, file->nFileSizeLow);  /* fileSizeLow (4 bytes) */
-		Stream_Read_UTF16_String(s, file->cFileName,
-		                         ARRAYSIZE(file->cFileName)); /* cFileName (520 bytes) */
-	}
-
-	if (Stream_GetRemainingLength(s) > 0)
-		WLog_WARN(TAG, "packed file list has %" PRIuz " excess bytes",
-		          Stream_GetRemainingLength(s));
-out:
-
-	return result;
-}
-
-/**
- * Serialize a packed file list.
- *
- * The resulting format data must be freed with the `free()` function.
- *
- * @param [in]  file_descriptor_array  array of `FILEDESCRIPTOR` structs to serialize.
- * @param [in]  file_descriptor_count  number of elements in `file_descriptor_array`.
- * @param [out] format_data            serialized CLIPRDR_FILELIST.
- * @param [out] format_data_length     length of `format_data` in bytes.
- *
- * @returns 0 on success, otherwise a Win32 error code.
- */
-UINT cliprdr_serialize_file_list(const FILEDESCRIPTORW* file_descriptor_array,
-                                 UINT32 file_descriptor_count, BYTE** format_data,
-                                 UINT32* format_data_length)
-{
-	return cliprdr_serialize_file_list_ex(CB_STREAM_FILECLIP_ENABLED, file_descriptor_array,
-	                                      file_descriptor_count, format_data, format_data_length);
-}
-
-UINT cliprdr_serialize_file_list_ex(UINT32 flags, const FILEDESCRIPTORW* file_descriptor_array,
-                                    UINT32 file_descriptor_count, BYTE** format_data,
-                                    UINT32* format_data_length)
-{
-	UINT result = NO_ERROR;
-	UINT32 i;
-	size_t len;
-	wStream* s = NULL;
-
-	if (!file_descriptor_array || !format_data || !format_data_length)
-		return ERROR_BAD_ARGUMENTS;
-
-	if ((flags & CB_STREAM_FILECLIP_ENABLED) == 0)
-	{
-		WLog_WARN(TAG, "No file clipboard support annouonced!");
-		return ERROR_BAD_ARGUMENTS;
-	}
-
-	s = Stream_New(NULL, 4 + file_descriptor_count * CLIPRDR_FILEDESCRIPTOR_SIZE);
-	if (!s)
-		return ERROR_NOT_ENOUGH_MEMORY;
-
-	Stream_Write_UINT32(s, file_descriptor_count); /* cItems (4 bytes) */
-
-	for (i = 0; i < file_descriptor_count; i++)
-	{
-		int c;
-		UINT64 lastWriteTime;
-		const FILEDESCRIPTORW* file = &file_descriptor_array[i];
-
-		/*
-		 * There is a known issue with Windows server getting stuck in
-		 * an infinite loop when downloading files that are larger than
-		 * 2 gigabytes. Do not allow clients to send such file lists.
-		 *
-		 * https://support.microsoft.com/en-us/help/2258090
-		 */
-		if ((flags & CB_HUGE_FILE_SUPPORT_ENABLED) == 0)
-		{
-			if ((file->nFileSizeHigh > 0) || (file->nFileSizeLow >= CLIPRDR_MAX_FILE_SIZE))
-			{
-				WLog_ERR(TAG, "cliprdr does not support files over 2 GB");
-				result = ERROR_FILE_TOO_LARGE;
-				goto error;
-			}
-		}
-
-		Stream_Write_UINT32(s, file->dwFlags);          /* flags (4 bytes) */
-		Stream_Zero(s, 32);                             /* reserved1 (32 bytes) */
-		Stream_Write_UINT32(s, file->dwFileAttributes); /* fileAttributes (4 bytes) */
-		Stream_Zero(s, 16);                             /* reserved2 (16 bytes) */
-		lastWriteTime = filetime_to_uint64(file->ftLastWriteTime);
-		Stream_Write_UINT64(s, lastWriteTime);       /* lastWriteTime (8 bytes) */
-		Stream_Write_UINT32(s, file->nFileSizeHigh); /* fileSizeHigh (4 bytes) */
-		Stream_Write_UINT32(s, file->nFileSizeLow);  /* fileSizeLow (4 bytes) */
-		for (c = 0; c < 260; c++)                    /* cFileName (520 bytes) */
-			Stream_Write_UINT16(s, file->cFileName[c]);
-	}
-
-	Stream_SealLength(s);
-
-	Stream_GetBuffer(s, *format_data);
-	Stream_GetLength(s, len);
-	if (len > UINT32_MAX)
-		goto error;
-
-	*format_data_length = (UINT32)len;
-
-	Stream_Free(s, FALSE);
-
-	return result;
-
-error:
-	Stream_Free(s, TRUE);
-
-	return result;
-}
-- 
-2.46.1
-
--- a/SOURCES/cache-offscreen-invalidate-bitmap-before-free.patch
+++ b/SOURCES/cache-offscreen-invalidate-bitmap-before-free.patch
@ -1,46 +0,0 @@
-From 4a4126380430a3517d1015b628475b816705ceb4 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Thu, 22 Jan 2026 12:52:16 +0100
-Subject: [PATCH] [cache,offscreen] invalidate bitmap before free
-
-Backport of commit 52106a26726a2aba77aa6d86014d2eb3507f0783.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- libfreerdp/cache/offscreen.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/libfreerdp/cache/offscreen.c b/libfreerdp/cache/offscreen.c
-index cdad56b4d..11e6caf21 100644
--- a/libfreerdp/cache/offscreen.c
-+++ b/libfreerdp/cache/offscreen.c
-@@ -160,7 +160,7 @@ void offscreen_cache_put(rdpOffscreenCache* offscreenCache, UINT32 index, rdpBit
- 
- void offscreen_cache_delete(rdpOffscreenCache* offscreenCache, UINT32 index)
- {
-	rdpBitmap* prevBitmap;
-+	WINPR_ASSERT(offscreenCache);
- 
- 	if (index >= offscreenCache->maxEntries)
- 	{
-@@ -168,10 +168,16 @@ void offscreen_cache_delete(rdpOffscreenCache* offscreenCache, UINT32 index)
- 		return;
- 	}
- 
-	prevBitmap = offscreenCache->entries[index];
-+	rdpBitmap* prevBitmap = offscreenCache->entries[index];
- 
- 	if (prevBitmap != NULL)
-+	{
-+		WINPR_ASSERT(offscreenCache->update->context);
-+
-+		/* Ensure that the bitmap is no longer used in GDI */
-+		IFCALL(prevBitmap->SetSurface, offscreenCache->update->context, NULL, FALSE);
- 		Bitmap_Free(offscreenCache->update->context, prevBitmap);
-+	}
- 
- 	offscreenCache->entries[index] = NULL;
- }
-- 
-2.52.0
-
--- a/SOURCES/client-x11-fix-double-free-in-case-of-invalid-pointe.patch
+++ b/SOURCES/client-x11-fix-double-free-in-case-of-invalid-pointe.patch
@ -1,53 +0,0 @@
-From c0e85d92e45dff6c9a12e6af5be2e9ed10b4990c Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Thu, 22 Jan 2026 12:51:08 +0100
-Subject: [PATCH] [client,x11] fix double free in case of invalid pointer
-
-Backport of commit 0421b53fcb4a80c95f51342e4a2c40c68a4101d3.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- client/X11/xf_graphics.c | 13 ++++++-------
- 1 file changed, 6 insertions(+), 7 deletions(-)
-
-diff --git a/client/X11/xf_graphics.c b/client/X11/xf_graphics.c
-index 5aa1fd48b..d596b23da 100644
--- a/client/X11/xf_graphics.c
-+++ b/client/X11/xf_graphics.c
-@@ -406,7 +406,6 @@ static BOOL xf_Pointer_New(rdpContext* context, rdpPointer* pointer)
- 	BOOL rc = FALSE;
- #ifdef WITH_XCURSOR
- 	UINT32 CursorFormat;
-	size_t size;
- 	xfContext* xfc = (xfContext*)context;
- 	xfPointer* xpointer = (xfPointer*)pointer;
- 
-@@ -421,19 +420,19 @@ static BOOL xf_Pointer_New(rdpContext* context, rdpPointer* pointer)
- 	xpointer->nCursors = 0;
- 	xpointer->mCursors = 0;
- 
-	size = 1ull * pointer->height * pointer->width * GetBytesPerPixel(CursorFormat);
-+	const size_t size =
-+	    1ull * pointer->height * pointer->width * GetBytesPerPixel(CursorFormat);
- 
-	if (!(xpointer->cursorPixels = (XcursorPixel*)_aligned_malloc(size, 16)))
-+	xpointer->cursorPixels = (XcursorPixel*)_aligned_malloc(size, 16);
-+	if (!xpointer->cursorPixels)
- 		goto fail;
- 
- 	if (!freerdp_image_copy_from_pointer_data(
- 	        (BYTE*)xpointer->cursorPixels, CursorFormat, 0, 0, 0, pointer->width, pointer->height,
- 	        pointer->xorMaskData, pointer->lengthXorMask, pointer->andMaskData,
- 	        pointer->lengthAndMask, pointer->xorBpp, &context->gdi->palette))
-	{
-		_aligned_free(xpointer->cursorPixels);
-		return FALSE;
-	}
-+		goto fail;
-+
- 	rc = TRUE;
- 
- #endif
-- 
-2.52.0
-
--- a/SOURCES/codec-clear-check-clear_decomress-glyphData.patch
+++ b/SOURCES/codec-clear-check-clear_decomress-glyphData.patch
@ -1,76 +0,0 @@
-From 3a4ee3f0020977320066b99da16456b6364c1365 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Thu, 22 Jan 2026 12:50:22 +0100
-Subject: [PATCH] [codec,clear] check clear_decomress glyphData
-
-Backport of commit 243ecf804bb122e8e643a5c142ad5a49d7aa19ee.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- libfreerdp/codec/clear.c | 50 +++++++++++++++++++++++++++++++++++++++-
- 1 file changed, 49 insertions(+), 1 deletion(-)
-
-diff --git a/libfreerdp/codec/clear.c b/libfreerdp/codec/clear.c
-index 4f0aead10..fcafb9235 100644
--- a/libfreerdp/codec/clear.c
-+++ b/libfreerdp/codec/clear.c
-@@ -1145,7 +1145,55 @@ INT32 clear_decompress(CLEAR_CONTEXT* clear, const BYTE* pSrcData, UINT32 SrcSiz
- 
- 	if (glyphData)
- 	{
-		if (!freerdp_image_copy(glyphData, clear->format, 0, 0, 0, nWidth, nHeight, pDstData,
-+		uint32_t w = MIN(nWidth, nDstWidth);
-+		if (nXDst > nDstWidth)
-+		{
-+			WLog_WARN(TAG, "glyphData copy area x exceeds destination: x=%" PRIu32 " > %" PRIu32,
-+			          nXDst, nDstWidth);
-+			w = 0;
-+		}
-+		else if (nXDst + w > nDstWidth)
-+		{
-+			WLog_WARN(TAG,
-+			          "glyphData copy area x + width exceeds destination: x=%" PRIu32 " + %" PRIu32
-+			          " > %" PRIu32,
-+			          nXDst, w, nDstWidth);
-+			w = nDstWidth - nXDst;
-+		}
-+
-+		if (w != nWidth)
-+		{
-+			WLog_WARN(TAG,
-+			          "glyphData copy area width truncated: requested=%" PRIu32
-+			          ", truncated to %" PRIu32,
-+			          nWidth, w);
-+		}
-+
-+		uint32_t h = MIN(nHeight, nDstHeight);
-+		if (nYDst > nDstHeight)
-+		{
-+			WLog_WARN(TAG, "glyphData copy area y exceeds destination: y=%" PRIu32 " > %" PRIu32,
-+			          nYDst, nDstHeight);
-+			h = 0;
-+		}
-+		else if (nYDst + h > nDstHeight)
-+		{
-+			WLog_WARN(TAG,
-+			          "glyphData copy area y + height exceeds destination: x=%" PRIu32 " + %" PRIu32
-+			          " > %" PRIu32,
-+			          nYDst, h, nDstHeight);
-+			h = nDstHeight - nYDst;
-+		}
-+
-+		if (h != nHeight)
-+		{
-+			WLog_WARN(TAG,
-+			          "glyphData copy area height truncated: requested=%" PRIu32
-+			          ", truncated to %" PRIu32,
-+			          nHeight, h);
-+		}
-+
-+		if (!freerdp_image_copy(glyphData, clear->format, 0, 0, 0, w, h, pDstData,
- 		                        DstFormat, nDstStep, nXDst, nYDst, palette, FREERDP_FLIP_NONE))
- 			goto fail;
- 	}
-- 
-2.52.0
-
--- a/SOURCES/codec-clear-fix-clear_resize_buffer-checks.patch
+++ b/SOURCES/codec-clear-fix-clear_resize_buffer-checks.patch
@ -1,61 +0,0 @@
-From 00a593f9eda67212539e4dcac68ea5a699eb3e93 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Thu, 22 Jan 2026 12:48:37 +0100
-Subject: [PATCH] [codec,clear] fix clear_resize_buffer checks
-
-Backport of commit c4391827d7facfc874ca7f61a92afb82232a5748.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- libfreerdp/codec/clear.c | 17 +++++++++--------
- 1 file changed, 9 insertions(+), 8 deletions(-)
-
-diff --git a/libfreerdp/codec/clear.c b/libfreerdp/codec/clear.c
-index e38fa0dcf..299acef2e 100644
--- a/libfreerdp/codec/clear.c
-+++ b/libfreerdp/codec/clear.c
-@@ -62,7 +62,7 @@ struct _CLEAR_CONTEXT
- 	NSC_CONTEXT* nsc;
- 	UINT32 seqNumber;
- 	BYTE* TempBuffer;
-	UINT32 TempSize;
-+	size_t TempSize;
- 	UINT32 nTempStep;
- 	UINT32 TempFormat;
- 	UINT32 format;
-@@ -313,24 +313,25 @@ static BOOL clear_decompress_subcode_rlex(wStream* s, UINT32 bitmapDataByteCount
- 
- static BOOL clear_resize_buffer(CLEAR_CONTEXT* clear, UINT32 width, UINT32 height)
- {
-	UINT32 size;
-
- 	if (!clear)
- 		return FALSE;
- 
-	size = ((width + 16) * (height + 16) * GetBytesPerPixel(clear->format));
-+	const UINT64 size = 1ull * (width + 16ull) * (height + 16ull);
-+	const size_t bpp = GetBytesPerPixel(clear->format);
-+	if (size > UINT32_MAX / bpp)
-+		return FALSE;
- 
-	if (size > clear->TempSize)
-+	if (size > clear->TempSize / bpp)
- 	{
-		BYTE* tmp = (BYTE*)realloc(clear->TempBuffer, size);
-+		BYTE* tmp = (BYTE*)realloc(clear->TempBuffer, size * bpp);
- 
- 		if (!tmp)
- 		{
-			WLog_ERR(TAG, "clear->TempBuffer realloc failed for %" PRIu32 " bytes", size);
-+			WLog_ERR(TAG, "clear->TempBuffer realloc failed for %" PRIu64 " bytes", size);
- 			return FALSE;
- 		}
- 
-		clear->TempSize = size;
-+		clear->TempSize = size * bpp;
- 		clear->TempBuffer = tmp;
- 	}
- 
-- 
-2.52.0
-
--- a/SOURCES/codec-clear-fix-off-by-one-length-check.patch
+++ b/SOURCES/codec-clear-fix-off-by-one-length-check.patch
@ -1,35 +0,0 @@
-From 5b03db3926bd7bc1bf5819de068ed71a73b25236 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Thu, 22 Jan 2026 12:49:28 +0100
-Subject: [PATCH] [codec,clear] fix off by one length check
-
-Backport of commit f8688b57f6cfad9a0b05475a6afbde355ffab720.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- libfreerdp/codec/clear.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/libfreerdp/codec/clear.c b/libfreerdp/codec/clear.c
-index 09f5dad6d..4f0aead10 100644
--- a/libfreerdp/codec/clear.c
-+++ b/libfreerdp/codec/clear.c
-@@ -881,11 +881,14 @@ static BOOL clear_decompress_bands_data(CLEAR_CONTEXT* clear, wStream* s, UINT32
- 				if (count > nHeight)
- 					count = nHeight;
- 
-				if (nXDstRel + i > nDstWidth)
-+				if (nXDstRel + i >= nDstWidth)
- 					return FALSE;
- 
- 				for (UINT32 y = 0; y < count; y++)
- 				{
-+					if (nYDstRel + y >= nDstHeight)
-+						return FALSE;
-+
- 					BYTE* pDstPixel8 = &pDstData[((nYDstRel + y) * nDstStep) +
- 					                             ((nXDstRel + i) * GetBytesPerPixel(DstFormat))];
- 					UINT32 color = ReadColor(cpSrcPixel, clear->format);
-- 
-2.52.0
-
--- a/SOURCES/codec-planar-fix-decoder-length-checks.patch
+++ b/SOURCES/codec-planar-fix-decoder-length-checks.patch
@ -1,31 +0,0 @@
-From 2d656eb6b29a68de7f19e8a1cce169259e7506b4 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Tue, 27 Jan 2026 14:35:43 +0100
-Subject: [PATCH] [codec,planar] fix decoder length checks
-
-Backport of commit 1bab198a2edd0d0e6e1627d21a433151ea190.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- libfreerdp/codec/planar.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libfreerdp/codec/planar.c b/libfreerdp/codec/planar.c
-index fe27011e1..1cb2e22bc 100644
--- a/libfreerdp/codec/planar.c
-+++ b/libfreerdp/codec/planar.c
-@@ -616,6 +616,11 @@ BOOL planar_decompress(BITMAP_PLANAR_CONTEXT* planar, const BYTE* pSrcData, UINT
- 	WINPR_ASSERT(planar);
- 	WINPR_ASSERT(prims);
- 
-+	if (planar->maxWidth < nSrcWidth)
-+		return FALSE;
-+	if (planar->maxHeight < nSrcHeight)
-+		return FALSE;
-+
- 	if (nDstStep <= 0)
- 		nDstStep = nDstWidth * GetBytesPerPixel(DstFormat);
- 
-- 
-2.52.0
-
--- a/SOURCES/gdi-gfx-properly-clamp-SurfaceToSurface.patch
+++ b/SOURCES/gdi-gfx-properly-clamp-SurfaceToSurface.patch
@ -1,50 +0,0 @@
-From ef99da020599a666b7d171eec6ab527b47dd33f3 Mon Sep 17 00:00:00 2001
-From: Ondrej Holy <oholy@redhat.com>
-Date: Thu, 22 Jan 2026 12:47:42 +0100
-Subject: [PATCH] [gdi,gfx] properly clamp SurfaceToSurface
-
-Backport of commit c4a7c371342edf0d307cea728f56d3302f0ab38c.
-
-Co-Authored-By: Claude <noreply@anthropic.com>
---
- libfreerdp/gdi/gfx.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/libfreerdp/gdi/gfx.c b/libfreerdp/gdi/gfx.c
-index 3970715e0..968a5a17c 100644
--- a/libfreerdp/gdi/gfx.c
-+++ b/libfreerdp/gdi/gfx.c
-@@ -1175,7 +1175,6 @@ static UINT gdi_SurfaceToSurface(RdpgfxClientContext* context,
- 	UINT status = ERROR_INTERNAL_ERROR;
- 	UINT16 index;
- 	BOOL sameSurface;
-	UINT32 nWidth, nHeight;
- 	const RECTANGLE_16* rectSrc;
- 	RECTANGLE_16 invalidRect;
- 	gdiGfxSurface* surfaceSrc;
-@@ -1199,8 +1198,8 @@ static UINT gdi_SurfaceToSurface(RdpgfxClientContext* context,
- 	if (!is_rect_valid(rectSrc, surfaceSrc->width, surfaceSrc->height))
- 		goto fail;
- 
-	nWidth = rectSrc->right - rectSrc->left;
-	nHeight = rectSrc->bottom - rectSrc->top;
-+	const UINT32 nWidth = rectSrc->right - rectSrc->left;
-+	const UINT32 nHeight = rectSrc->bottom - rectSrc->top;
- 
- 	for (index = 0; index < surfaceToSurface->destPtsCount; index++)
- 	{
-@@ -1209,8 +1208,10 @@ static UINT gdi_SurfaceToSurface(RdpgfxClientContext* context,
- 		if (!is_rect_valid(&rect, surfaceDst->width, surfaceDst->height))
- 			goto fail;
- 
-+		const UINT32 rwidth = rect.right - rect.left;
-+		const UINT32 rheight = rect.bottom - rect.top;
- 		if (!freerdp_image_copy(surfaceDst->data, surfaceDst->format, surfaceDst->scanline,
-		                        destPt->x, destPt->y, nWidth, nHeight, surfaceSrc->data,
-+		                        destPt->x, destPt->y, rwidth, rheight, surfaceSrc->data,
- 		                        surfaceSrc->format, surfaceSrc->scanline, rectSrc->left,
- 		                        rectSrc->top, NULL, FREERDP_FLIP_NONE))
- 			goto fail;
-- 
-2.52.0
-
--- a/SPECS/freerdp.spec
+++ b/SPECS/freerdp.spec
@ -27,7 +27,7 @@

 Name:           freerdp
 Version:        2.11.7
-Release:        2%{?dist}
+Release:        1%{?dist}
 Epoch:          2
 Summary:        Free implementation of the Remote Desktop Protocol (RDP)
 License:        ASL 2.0
@ -35,31 +35,6 @@ URL:            http://www.freerdp.com/

 Source0:        https://github.com/FreeRDP/FreeRDP/archive/%{version}/FreeRDP-%{version}.tar.gz

-# Revert changes that break API
-# https://issues.redhat.com/browse/RHEL-53081
-Patch0:	        Revert-Moved-clipboard-utils-to-core-library-fixes-6.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/c4a7c371342edf0d307cea728f56d3302f0ab38c
-Patch1:         gdi-gfx-properly-clamp-SurfaceToSurface.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/c4391827d7facfc874ca7f61a92afb82232a5748
-Patch2:         codec-clear-fix-clear_resize_buffer-checks.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/f8688b57f6cfad9a0b05475a6afbde355ffab720
-Patch3:         codec-clear-fix-off-by-one-length-check.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/1bab198a2edd0d0e6e1627d21a433151ea190500
-Patch4:         codec-planar-fix-decoder-length-checks.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/243ecf804bb122e8e643a5c142ad5a49d7aa19ee
-Patch5:         codec-clear-check-clear_decomress-glyphData.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/0421b53fcb4a80c95f51342e4a2c40c68a4101d3
-Patch6:         client-x11-fix-double-free-in-case-of-invalid-pointe.patch
-
-# https://github.com/FreeRDP/FreeRDP/commit/52106a26726a2aba77aa6d86014d2eb3507f0783
-Patch7:         cache-offscreen-invalidate-bitmap-before-free.patch
-
 BuildRequires:  gcc
 BuildRequires:  gcc-c++
 BuildRequires:  alsa-lib-devel
@ -317,63 +292,144 @@ find %{buildroot} -name "*.a" -delete
 %{_libdir}/pkgconfig/winpr-tools2.pc

 %changelog
-* Tue Jan 27 2026 Ondrej Holy <oholy@redhat.com> - 2:2.11.7-2
- Backport several CVE fixes
-  Resolves: RHEL-142417, RHEL-142401, RHEL-142385, RHEL-142369, RHEL-142353
-  Resolves: RHEL-142337, RHEL-142321
+* Thu May 09 2024 Ondrej Holy <oholy@redhat.com> - 2:2.11.7-1
+- Update to 2.11.7 (CVE-2024-32039, CVE-2024-32040, CVE-2024-32041,
+  CVE-2024-32458, CVE-2024-32459, CVE-2024-32460, CVE-2024-32658,
+  CVE-2024-32659, CVE-2024-32660, CVE-2024-32661, CVE-2024-32662)

-* Tue Oct 01 2024 Ondrej Holy <oholy@redhat.com> - 2:2.11.7-1
- Update to 2.11.7 (RHEL-53081)
+* Tue Mar 12 2024 Ondrej Holy <oholy@redhat.com> - 2:2.11.2-2
+- CVE-2024-22211: Check codec resolution for overflow (RHEL-22244)

-* Tue Dec 13 2022 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-10
- Fix "implicit declaration of function" errors (#2136153, #2145139)
+* Fri Nov 10 2023 Ondrej Holy <oholy@redhat.com> - 2:2.11.2-1
+- Update to 2.11.2 (RHEL-4290, RHEL-4292, RHEL-4296, RHEL-4298, RHEL-4300,
+  RHEL-4302, RHEL-4304, RHEL-4306, RHEL-4308, RHEL-4310, RHEL-4312,
+  RHEL-10060)

-* Thu Dec 08 2022 Ondrej Holy <oholy@redhat.com> - - 2:2.2.0-9
- CVE-2022-39282: Fix length checks in parallel driver (#2136151)
- CVE-2022-39283: Add missing length check in video channel (#2136153)
- CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx (#2145139)
- CVE-2022-39318: Fix division by zero in urbdrc channel (#2145139)
- CVE-2022-39319: Add missing length checks in urbdrc channel (#2145139)
- CVE-2022-39320: Ensure urb_create_iocompletion uses size_t (#2145139)
- CVE-2022-39347: Fix path validation in drive channel (#2145139)
- CVE-2022-41877: Add missing length check in drive channel (#2145139)
+* Tue Dec 13 2022 Ondrej Holy <oholy@redhat.com> - 2:2.4.1-5
+- Fix "implicit declaration of function" errors (#2136155, #2145140)

-* Thu Aug 11 2022 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-8
- Fix /monitor-list output (rhbz#2108866)
+* Thu Dec 08 2022 Ondrej Holy <oholy@redhat.com> - - 2:2.4.1-4
+- CVE-2022-39282: Fix length checks in parallel driver (#2136152)
+- CVE-2022-39283: Add missing length check in video channel (#2136154)
+- CVE-2022-39316, CVE-2022-39317: Add missing length checks in zgfx (#2145140)
+- CVE-2022-39318: Fix division by zero in urbdrc channel (#2145140)
+- CVE-2022-39319: Add missing length checks in urbdrc channel (#2145140)
+- CVE-2022-39320: Ensure urb_create_iocompletion uses size_t (#2145140)
+- CVE-2022-39347: Fix path validation in drive channel (#2145140)
+- CVE-2022-41877: Add missing length check in drive channel (#2145140)

-* Wed Nov 10 2021 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-4
- Refactored RPC gateway parser (rhbz#2017949)
+* Wed Jun 22 2022 Ondrej Holy <oholy@redhat.com> - - 2:2.4.1-3
+- Fix gateway functionality with OpenSSL 3.0 (#2023262)

-* Fri Nov 05 2021 Felipe Borges <feborges@redhat.com> - 2:2.2.0-3
- Add checks for bitmap and glyph width and heigth values (rhbz#2017956)
+* Fri Nov 26 2021 Ondrej Holy <oholy@redhat.com> - 2:2.4.1-2
+- Fix datatype mismatch / big-endian breakage
+- Load legacy provider when initializing OpenSSL 3.0

-* Wed Apr 28 2021 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-2
- Fix exit codes for /help and similar options (rhbz#1910029)
+* Wed Nov 10 2021 Ondrej Holy <oholy@redhat.com> - 2:2.4.1-1
+- Update to 2.4.1 (CVE-2021-41159, CVE-2021-41160).

-* Fri Nov 20 2020 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-1
- Update to 2.2.0 (rhbz#1881971)
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2:2.4.0-3
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688

-* Mon May 25 2020 Ondrej Holy <oholy@redhat.com> - 2:2.1.1-1
- Update to 2.1.1 (rhbz#1834287).
+* Tue Aug 03 2021 Ondrej Holy <oholy@redhat.com> - 2:2.4.0-2
+- Load legacy provider to fix rc4 with OpenSSL 3.0 (#1988443).

-* Fri Apr 17 2020 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-47.rc4
- Fix SCARD_INSUFFICIENT_BUFFER error (rhbz#1803054)
- Do not advertise /usb in help output (rhbz#1761144)
+* Thu Jul 29 2021 Ondrej Holy <oholy@redhat.com> - 2:2.4.0-1
+- Update to 2.4.0.

-* Wed Nov 28 2018 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-46.rc4
- Update to 2.0.0-rc4 (#1624340)
+* Wed Jun 16 2021 Mohan Boddu <mboddu@redhat.com> - 2:2.3.2-2
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+  Related: rhbz#1971065

-* Mon Oct 15 2018 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-45.rc3
- Disable server support in RHEL (#1639165)
+* Mon May 17 2021 Ondrej Holy <oholy@redhat.com> - 2:2.3.2-1
+- Update to 2.3.2 (#1951123).

-* Wed Oct 10 2018 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-44.rc3
- Fix packaging issues found by rpmdiff (#1637487)
+* Mon May 17 2021 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-8
+- Fix build with OpenSSL 3.0 (#1952937).

-* Tue Sep 25 2018 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-43.rc3
- Fix important defects found by covscan (#1602500)
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2:2.2.0-7
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

-* Thu Sep 06 2018 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-42.rc3
- Update to 2.0.0-rc3 (#1624340)
+* Tue Mar 23 2021 Simone Caronni <negativo17@gmail.com> - 2:2.2.0-6
+- Explicitly enable Cairo support (#1938393).
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.2.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Tue Aug 11 2020 Ondrej Holy <oholy@redhat.com> - 2:2.2.0-4
+- Use %%cmake_ macros to fix out-of-source builds (#1863586)
+
+* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.2.0-3
+- Second attempt - Rebuilt for
+  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.2.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Thu Jul 23 2020 Simone Caronni <negativo17@gmail.com> - 2:2.2.0-1
+- Update to 2.2.0.
+
+* Tue Jun 30 2020 Simone Caronni <negativo17@gmail.com> - 2:2.1.2-1
+- Update to 2.1.2.
+
+* Thu May 21 2020 Ondrej Holy <oholy@redhat.com> - 2:2.1.1-1
+- Update to 2.1.1.
+
+* Fri May 15 2020 Ondrej Holy <oholy@redhat.com> - 2:2.1.0-1
+- Update to 2.1.0 (#1833540).
+
+* Fri May 15 2020 Pete Walter <pwalter@fedoraproject.org> - 2:2.0.0-57.20200207git245fc60
+- Rebuild for ICU 67
+
+* Fri Feb 07 2020 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-56.20200207git245fc60
+- Update to latest snapshot.
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.0.0-55.20190820git6015229
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Fri Nov 01 2019 Pete Walter <pwalter@fedoraproject.org> - 2:2.0.0-54.20190820git6015229
+- Rebuild for ICU 65
+
+* Tue Aug 20 2019 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-53.20190820git6015229
+- Update to latest snapshot.
+
+* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.0.0-52.20190918git5e672d4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sun Jul 21 2019 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-51.20190918git5e672d4
+- Update to latest snapshot.
+
+* Sat May 18 2019 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-50.20190517gitb907324
+- Update to latest snapshot.
+
+* Wed Mar 06 2019 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-49.20190304git435872b
+- Fix for GFX color depth (Windows 10).
+
+* Thu Feb 28 2019 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-48.20190228gitce386c8
+- Update to latest snapshot post rc4.
+- CVE-2018-1000852 (#1661642).
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.0.0-47.rc4.1
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Thu Nov 29 2018 Ondrej Holy <oholy@redhat.com> - 2:2.0.0-47.rc4
+- Update to 2.0.0-rc4
+
+* Mon Oct 15 2018 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-46.20181008git00af869
+- Enable Xtest option (#1559606).
+
+* Mon Oct 15 2018 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-45.20181008git00af869
+- Update to last snapshot post 2.0.0-rc3.
+
+* Mon Aug 20 2018 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-44.rc3
+- Update SPEC file.
+
+* Sat Aug 04 2018 Mike DePaulo <mikedep333@fedoraproject.org> - 2:2.0.0-43.20180801.rc3
+- Update to 2.0.0-rc3
+
+* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2:2.0.0-42.20180405gita9ecd6a
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

 * Mon Apr 09 2018 Simone Caronni <negativo17@gmail.com> - 2:2.0.0-41.20180405gita9ecd6a
 - Update to latest snapshot.