## This update for freerdp fixes the following issues: Update to version 3.24.2. Security issues fixed: * CVE-2026-25941: out-of-bounds read in the FreeRDP client RDPGFX channel (bsc#1258919). * CVE-2026-25942: buffer overflow of global array in `xf_rail_server_execute_result` (bsc#1258920). * CVE-2026-25952: heap use-after-free in `xf_SetWindowMinMaxInfo` (bsc#1258921). * CVE-2026-25953: heap use-after-free in `xf_AppUpdateWindowFromSurface` (bsc#1258923). * CVE-2026-25954: heap use-after-free in `xf_rail_server_local_move_size` (bsc#1258924). * CVE-2026-25955: heap use-after-free in `xf_AppUpdateWindowFromSurface` (bsc#1258973). * CVE-2026-25959: heap use-after-free in `xf_cliprdr_provide_data_` (bsc#1258976).
* bsc#1258919
* bsc#1258920
* bsc#1258921
* bsc#1258923
* bsc#1258924
* bsc#1258973
* bsc#1258976
* bsc#1258977
* bsc#1258979
* bsc#1258982
* bsc#1258985
* bsc#1259653
* bsc#1259679
* bsc#1259680
* bsc#1259684
* bsc#1259686
* bsc#1259689
* bsc#1259692
* bsc#1259693
* bsc#1261196
* bsc#1261198
* bsc#1261200
* bsc#1261211
* bsc#1261217
* bsc#1261222
* bsc#1261223
* bsc#1261226
* bsc#1261227
Cross-
* CVE-2026-25941
* CVE-2026-25942
* CVE-2026-25952
* CVE-2026-25953
* CVE-2026-25954
* CVE-2026-25955
* CVE-2026-25959
* CVE-2026-25997
* CVE-2026-26271
* CVE-2026-26955
* CVE-2026-26965
* CVE-2026-29774
* CVE-2026-29775
* CVE-2026-29776
* CVE-2026-31806
* CVE-2026-31883
* CVE-2026-31884
* CVE-2026-31885
* CVE-2026-31897
* CVE-2026-33952
* CVE-2026-33977
* CVE-2026-33982
* CVE-2026-33983
Get the latest Linux and open source security news straight to your inbox.