packages/freerdp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

upgrade 2.10.0

Browse Source
This commit is contained in:
lyn1001 2023-04-23 15:03:08 +08:00
parent 92f7b201bd
commit 53a1564f91
8 changed files with 5 additions and 486 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
2.8.1.tar.gz → 2.10.0.tar.gz
View File

Binary file not shown.

48
CVE-2022-39316_CVE-2022-39317.patch
View File

@ -1,48 +0,0 @@
From e865c24efc40ebc52e75979c94cdd4ee2c1495b0 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Thu, 13 Oct 2022 09:09:28 +0200
Subject: [PATCH] Added missing length checks in zgfx_decompress_segment
(cherry picked from commit 64716b335858109d14f27b51acc4c4d71a92a816)
---
libfreerdp/codec/zgfx.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
diff --git a/libfreerdp/codec/zgfx.c b/libfreerdp/codec/zgfx.c
index 20fbd354571..e260aa6e28a 100644
--- a/libfreerdp/codec/zgfx.c
+++ b/libfreerdp/codec/zgfx.c
@@ -230,19 +230,19 @@ static BOOL zgfx_decompress_segment(ZGFX_CONTEXT* zgfx, wStream* stream, size_t
BYTE* pbSegment;
size_t cbSegment;
- if (!zgfx || !stream)
+ if (!zgfx || !stream || (segmentSize < 2))
return FALSE;
cbSegment = segmentSize - 1;
- if ((Stream_GetRemainingLength(stream) < segmentSize) || (segmentSize < 1) ||
- (segmentSize > UINT32_MAX))
+ if ((Stream_GetRemainingLength(stream) < segmentSize) || (segmentSize > UINT32_MAX))
return FALSE;
Stream_Read_UINT8(stream, flags); /* header (1 byte) */
zgfx->OutputCount = 0;
pbSegment = Stream_Pointer(stream);
- Stream_Seek(stream, cbSegment);
+ if (!Stream_SafeSeek(stream, cbSegment))
+ return FALSE;
if (!(flags & PACKET_COMPRESSED))
{
@@ -346,6 +346,9 @@ static BOOL zgfx_decompress_segment(ZGFX_CONTEXT* zgfx, wStream* stream, size_t
if (count > sizeof(zgfx->OutputBuffer) - zgfx->OutputCount)
return FALSE;
+ if (count > zgfx->cBitsRemaining / 8)
+ return FALSE;
+
CopyMemory(&(zgfx->OutputBuffer[zgfx->OutputCount]), zgfx->pbInputCurrent,
count);
zgfx_history_buffer_ring_write(zgfx, zgfx->pbInputCurrent, count);

36
CVE-2022-39318.patch
View File

@ -1,36 +0,0 @@
From 80adde17ddc4b596ed1dae0922a0c54ab3d4b8ea Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Thu, 13 Oct 2022 08:27:41 +0200
Subject: [PATCH] Fixed division by zero in urbdrc
(cherry picked from commit 731f8419d04b481d7160de1f34062d630ed48765)
---
channels/urbdrc/client/libusb/libusb_udevice.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/channels/urbdrc/client/libusb/libusb_udevice.c b/channels/urbdrc/client/libusb/libusb_udevice.c
index 505c31d7b55..ef87f195f38 100644
--- a/channels/urbdrc/client/libusb/libusb_udevice.c
+++ b/channels/urbdrc/client/libusb/libusb_udevice.c
@@ -1221,12 +1221,18 @@ static int libusb_udev_isoch_transfer(IUDEVICE* idev, URBDRC_CHANNEL_CALLBACK* c
if (!Buffer)
Stream_Seek(user_data->data, (NumberOfPackets * 12));
- iso_packet_size = BufferSize / NumberOfPackets;
- iso_transfer = libusb_alloc_transfer(NumberOfPackets);
+ if (NumberOfPackets > 0)
+ {
+ iso_packet_size = BufferSize / NumberOfPackets;
+ iso_transfer = libusb_alloc_transfer((int)NumberOfPackets);
+ }
if (iso_transfer == NULL)
{
- WLog_Print(urbdrc->log, WLOG_ERROR, "Error: libusb_alloc_transfer.");
+ WLog_Print(urbdrc->log, WLOG_ERROR,
+ "Error: libusb_alloc_transfer [NumberOfPackets=%" PRIu32 ", BufferSize=%" PRIu32
+ " ]",
+ NumberOfPackets, BufferSize);
async_transfer_user_data_free(user_data);
return -1;
}

55
CVE-2022-39319.patch
View File

@ -1,55 +0,0 @@
From 11555828d2cf289b350baba5ad1f462f10b80b76 Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Thu, 13 Oct 2022 08:47:51 +0200
Subject: [PATCH] Fixed missing input buffer length check in urbdrc
(cherry picked from commit 497df00f741dd4fc89292aaef2db7368aee45d0d)
---
channels/urbdrc/client/data_transfer.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/channels/urbdrc/client/data_transfer.c b/channels/urbdrc/client/data_transfer.c
index d8725c02cf3..aabeef84752 100644
--- a/channels/urbdrc/client/data_transfer.c
+++ b/channels/urbdrc/client/data_transfer.c
@@ -247,6 +247,10 @@ static UINT urbdrc_process_io_control(IUDEVICE* pdev, URBDRC_CHANNEL_CALLBACK* c
Stream_Read_UINT32(s, OutputBufferSize);
Stream_Read_UINT32(s, RequestId);
+
+ if (OutputBufferSize > UINT32_MAX - 4)
+ return ERROR_INVALID_DATA;
+
InterfaceId = ((STREAM_ID_PROXY << 30) | pdev->get_ReqCompletion(pdev));
out = urb_create_iocompletion(InterfaceId, MessageId, RequestId, OutputBufferSize + 4);
@@ -726,6 +730,15 @@ static UINT urb_bulk_or_interrupt_transfer(IUDEVICE* pdev, URBDRC_CHANNEL_CALLBA
Stream_Read_UINT32(s, TransferFlags); /** TransferFlags */
Stream_Read_UINT32(s, OutputBufferSize);
EndpointAddress = (PipeHandle & 0x000000ff);
+
+ if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
+ {
+ if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
+ {
+ return ERROR_INVALID_DATA;
+ }
+ }
+
/** process TS_URB_BULK_OR_INTERRUPT_TRANSFER */
return pdev->bulk_or_interrupt_transfer(
pdev, callback, MessageId, RequestId, EndpointAddress, TransferFlags, noAck,
@@ -810,6 +823,13 @@ static UINT urb_isoch_transfer(IUDEVICE* pdev, URBDRC_CHANNEL_CALLBACK* callback
packetDescriptorData = Stream_Pointer(s);
Stream_Seek(s, NumberOfPackets * 12);
Stream_Read_UINT32(s, OutputBufferSize);
+
+ if (transferDir == USBD_TRANSFER_DIRECTION_OUT)
+ {
+ if (!Stream_CheckAndLogRequiredLength(TAG, s, OutputBufferSize))
+ return ERROR_INVALID_DATA;
+ }
+
return pdev->isoch_transfer(
pdev, callback, MessageId, RequestId, EndpointAddress, TransferFlags, StartFrame,
ErrorCount, noAck, packetDescriptorData, NumberOfPackets, OutputBufferSize,

29
CVE-2022-39320.patch
View File

@ -1,29 +0,0 @@
From 68c6a8c1878b5294aecb04d5e27531a720b3793f Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Thu, 13 Oct 2022 08:36:26 +0200
Subject: [PATCH] Ensure urb_create_iocompletion uses size_t for calculation
(cherry picked from commit de7e0f062ee53d00b4a966a43855a716e3478150)
---
channels/urbdrc/client/data_transfer.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/channels/urbdrc/client/data_transfer.c b/channels/urbdrc/client/data_transfer.c
index 69879612692..d8725c02cf3 100644
--- a/channels/urbdrc/client/data_transfer.c
+++ b/channels/urbdrc/client/data_transfer.c
@@ -97,7 +97,13 @@ static wStream* urb_create_iocompletion(UINT32 InterfaceField, UINT32 MessageId,
UINT32 OutputBufferSize)
{
const UINT32 InterfaceId = (STREAM_ID_PROXY << 30) | (InterfaceField & 0x3FFFFFFF);
- wStream* out = Stream_New(NULL, OutputBufferSize + 28);
+
+#if UINT32_MAX >= SIZE_MAX
+ if (OutputBufferSize > UINT32_MAX - 28ull)
+ return NULL;
+#endif
+
+ wStream* out = Stream_New(NULL, OutputBufferSize + 28ull);
if (!out)
return NULL;

285
CVE-2022-39347.patch
View File

@ -1,285 +0,0 @@
From 027424c2c6c0991cb9c22f9511478229c9b17e5d Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Mon, 24 Oct 2022 10:41:55 +0200
Subject: [PATCH] Fixed path validation in drive channel
Check that canonical path is a subpath of the shared directory
(cherry picked from commit 844c94e6d0438fa7bd8ff8d5513c3f69c3018b85)
---
channels/drive/client/drive_file.c | 106 ++++++++++++++++++-----------
channels/drive/client/drive_file.h | 8 +--
channels/drive/client/drive_main.c | 8 +--
3 files changed, 73 insertions(+), 49 deletions(-)
diff --git a/channels/drive/client/drive_file.c b/channels/drive/client/drive_file.c
index 3054385933c..1ea4ab9dabf 100644
--- a/channels/drive/client/drive_file.c
+++ b/channels/drive/client/drive_file.c
@@ -61,10 +61,14 @@
} while (0)
#endif
-static void drive_file_fix_path(WCHAR* path)
+static BOOL drive_file_fix_path(WCHAR* path, size_t length)
{
size_t i;
- size_t length = _wcslen(path);
+
+ if ((length == 0) || (length > UINT32_MAX))
+ return FALSE;
+
+ WINPR_ASSERT(path);
for (i = 0; i < length; i++)
{
@@ -75,58 +79,82 @@ static void drive_file_fix_path(WCHAR* path)
#ifdef WIN32
if ((length == 3) && (path[1] == L':') && (path[2] == L'/'))
- return;
+ return FALSE;
#else
if ((length == 1) && (path[0] == L'/'))
- return;
+ return FALSE;
#endif
if ((length > 0) && (path[length - 1] == L'/'))
path[length - 1] = L'\0';
+
+ return TRUE;
}
static WCHAR* drive_file_combine_fullpath(const WCHAR* base_path, const WCHAR* path,
- size_t PathLength)
+ size_t PathWCharLength)
{
- WCHAR* fullpath;
- size_t base_path_length;
+ BOOL ok = FALSE;
+ WCHAR* fullpath = NULL;
+ size_t length;
- if (!base_path || (!path && (PathLength > 0)))
- return NULL;
+ if (!base_path || (!path && (PathWCharLength > 0)))
+ goto fail;
- base_path_length = _wcslen(base_path) * 2;
- fullpath = (WCHAR*)calloc(1, base_path_length + PathLength + sizeof(WCHAR));
+ const size_t base_path_length = _wcsnlen(base_path, MAX_PATH);
+ length = base_path_length + PathWCharLength + 1;
+ fullpath = (WCHAR*)calloc(length, sizeof(WCHAR));
if (!fullpath)
+ goto fail;
+
+ CopyMemory(fullpath, base_path, base_path_length * sizeof(WCHAR));
+ if (path)
+ CopyMemory(&fullpath[base_path_length], path, PathWCharLength * sizeof(WCHAR));
+
+ if (!drive_file_fix_path(fullpath, length))
+ goto fail;
+
+ /* Ensure the path does not contain sequences like '..' */
+ const WCHAR dotdot[] = { '.', '.', '\0' };
+ if (_wcsstr(&fullpath[base_path_length], dotdot))
{
- WLog_ERR(TAG, "malloc failed!");
- return NULL;
+ char abuffer[MAX_PATH] = { 0 };
+ ConvertFromUnicode(CP_UTF8, 0, &fullpath[base_path_length], -1, (char**)&abuffer,
+ ARRAYSIZE(abuffer) - 1, NULL, NULL);
+
+ WLog_WARN(TAG, "[rdpdr] received invalid file path '%s' from server, aborting!",
+ &abuffer[base_path_length]);
+ goto fail;
}
- CopyMemory(fullpath, base_path, base_path_length);
- if (path)
- CopyMemory((char*)fullpath + base_path_length, path, PathLength);
- drive_file_fix_path(fullpath);
+ ok = TRUE;
+fail:
+ if (!ok)
+ {
+ free(fullpath);
+ fullpath = NULL;
+ }
return fullpath;
}
static BOOL drive_file_remove_dir(const WCHAR* path)
{
- WIN32_FIND_DATAW findFileData;
+ WIN32_FIND_DATAW findFileData = { 0 };
BOOL ret = TRUE;
- HANDLE dir;
- WCHAR* fullpath;
- WCHAR* path_slash;
- size_t base_path_length;
+ HANDLE dir = INVALID_HANDLE_VALUE;
+ WCHAR* fullpath = NULL;
+ WCHAR* path_slash = NULL;
+ size_t base_path_length = 0;
if (!path)
return FALSE;
- base_path_length = _wcslen(path) * 2;
- path_slash = (WCHAR*)calloc(1, base_path_length + sizeof(WCHAR) * 3);
+ base_path_length = _wcslen(path);
+ path_slash = (WCHAR*)calloc(base_path_length + 3, sizeof(WCHAR));
if (!path_slash)
{
@@ -134,12 +162,11 @@ static BOOL drive_file_remove_dir(const WCHAR* path)
return FALSE;
}
- CopyMemory(path_slash, path, base_path_length);
- path_slash[base_path_length / 2] = L'/';
- path_slash[base_path_length / 2 + 1] = L'*';
+ CopyMemory(path_slash, path, base_path_length * sizeof(WCHAR));
+ path_slash[base_path_length] = L'/';
+ path_slash[base_path_length + 1] = L'*';
DEBUG_WSTR("Search in %s", path_slash);
dir = FindFirstFileW(path_slash, &findFileData);
- path_slash[base_path_length / 2 + 1] = 0;
if (dir == INVALID_HANDLE_VALUE)
{
@@ -149,7 +176,7 @@ static BOOL drive_file_remove_dir(const WCHAR* path)
do
{
- size_t len = _wcslen(findFileData.cFileName);
+ const size_t len = _wcsnlen(findFileData.cFileName, ARRAYSIZE(findFileData.cFileName));
if ((len == 1 && findFileData.cFileName[0] == L'.') ||
(len == 2 && findFileData.cFileName[0] == L'.' && findFileData.cFileName[1] == L'.'))
@@ -157,7 +184,7 @@ static BOOL drive_file_remove_dir(const WCHAR* path)
continue;
}
- fullpath = drive_file_combine_fullpath(path_slash, findFileData.cFileName, len * 2);
+ fullpath = drive_file_combine_fullpath(path_slash, findFileData.cFileName, len);
DEBUG_WSTR("Delete %s", fullpath);
if (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
@@ -333,13 +360,13 @@ static BOOL drive_file_init(DRIVE_FILE* file)
return file->file_handle != INVALID_HANDLE_VALUE;
}
-DRIVE_FILE* drive_file_new(const WCHAR* base_path, const WCHAR* path, UINT32 PathLength, UINT32 id,
- UINT32 DesiredAccess, UINT32 CreateDisposition, UINT32 CreateOptions,
- UINT32 FileAttributes, UINT32 SharedAccess)
+DRIVE_FILE* drive_file_new(const WCHAR* base_path, const WCHAR* path, UINT32 PathWCharLength,
+ UINT32 id, UINT32 DesiredAccess, UINT32 CreateDisposition,
+ UINT32 CreateOptions, UINT32 FileAttributes, UINT32 SharedAccess)
{
DRIVE_FILE* file;
- if (!base_path || (!path && (PathLength > 0)))
+ if (!base_path || (!path && (PathWCharLength > 0)))
return NULL;
file = (DRIVE_FILE*)calloc(1, sizeof(DRIVE_FILE));
@@ -359,7 +386,7 @@ DRIVE_FILE* drive_file_new(const WCHAR* base_path, const WCHAR* path, UINT32 Pat
file->CreateDisposition = CreateDisposition;
file->CreateOptions = CreateOptions;
file->SharedAccess = SharedAccess;
- drive_file_set_fullpath(file, drive_file_combine_fullpath(base_path, path, PathLength));
+ drive_file_set_fullpath(file, drive_file_combine_fullpath(base_path, path, PathWCharLength));
if (!drive_file_init(file))
{
@@ -714,13 +741,10 @@ BOOL drive_file_set_information(DRIVE_FILE* file, UINT32 FsInformationClass, UIN
return FALSE;
fullpath = drive_file_combine_fullpath(file->basepath, (WCHAR*)Stream_Pointer(input),
- FileNameLength);
+ FileNameLength / sizeof(WCHAR));
if (!fullpath)
- {
- WLog_ERR(TAG, "drive_file_combine_fullpath failed!");
return FALSE;
- }
#ifdef _WIN32
@@ -759,7 +783,7 @@ BOOL drive_file_set_information(DRIVE_FILE* file, UINT32 FsInformationClass, UIN
}
BOOL drive_file_query_directory(DRIVE_FILE* file, UINT32 FsInformationClass, BYTE InitialQuery,
- const WCHAR* path, UINT32 PathLength, wStream* output)
+ const WCHAR* path, UINT32 PathWCharLength, wStream* output)
{
size_t length;
WCHAR* ent_path;
@@ -773,7 +797,7 @@ BOOL drive_file_query_directory(DRIVE_FILE* file, UINT32 FsInformationClass, BYT
if (file->find_handle != INVALID_HANDLE_VALUE)
FindClose(file->find_handle);
- ent_path = drive_file_combine_fullpath(file->basepath, path, PathLength);
+ ent_path = drive_file_combine_fullpath(file->basepath, path, PathWCharLength);
/* open new search handle and retrieve the first entry */
file->find_handle = FindFirstFileW(ent_path, &file->find_data);
free(ent_path);
diff --git a/channels/drive/client/drive_file.h b/channels/drive/client/drive_file.h
index ed789d6f09b..6d3bd7045cd 100644
--- a/channels/drive/client/drive_file.h
+++ b/channels/drive/client/drive_file.h
@@ -51,9 +51,9 @@ struct _DRIVE_FILE
UINT32 CreateOptions;
};
-DRIVE_FILE* drive_file_new(const WCHAR* base_path, const WCHAR* path, UINT32 PathLength, UINT32 id,
- UINT32 DesiredAccess, UINT32 CreateDisposition, UINT32 CreateOptions,
- UINT32 FileAttributes, UINT32 SharedAccess);
+DRIVE_FILE* drive_file_new(const WCHAR* base_path, const WCHAR* path, UINT32 PathWCharLength,
+ UINT32 id, UINT32 DesiredAccess, UINT32 CreateDisposition,
+ UINT32 CreateOptions, UINT32 FileAttributes, UINT32 SharedAccess);
BOOL drive_file_free(DRIVE_FILE* file);
BOOL drive_file_open(DRIVE_FILE* file);
@@ -64,6 +64,6 @@ BOOL drive_file_query_information(DRIVE_FILE* file, UINT32 FsInformationClass, w
BOOL drive_file_set_information(DRIVE_FILE* file, UINT32 FsInformationClass, UINT32 Length,
wStream* input);
BOOL drive_file_query_directory(DRIVE_FILE* file, UINT32 FsInformationClass, BYTE InitialQuery,
- const WCHAR* path, UINT32 PathLength, wStream* output);
+ const WCHAR* path, UINT32 PathWCharLength, wStream* output);
#endif /* FREERDP_CHANNEL_DRIVE_FILE_H */
diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c
index 35dc704e099..b6cf2ad32bc 100644
--- a/channels/drive/client/drive_main.c
+++ b/channels/drive/client/drive_main.c
@@ -184,8 +184,8 @@ static UINT drive_process_irp_create(DRIVE_DEVICE* drive, IRP* irp)
path = (const WCHAR*)Stream_Pointer(irp->input);
FileId = irp->devman->id_sequence++;
- file = drive_file_new(drive->path, path, PathLength, FileId, DesiredAccess, CreateDisposition,
- CreateOptions, FileAttributes, SharedAccess);
+ file = drive_file_new(drive->path, path, PathLength / sizeof(WCHAR), FileId, DesiredAccess,
+ CreateDisposition, CreateOptions, FileAttributes, SharedAccess);
if (!file)
{
@@ -639,8 +639,8 @@ static UINT drive_process_irp_query_directory(DRIVE_DEVICE* drive, IRP* irp)
irp->IoStatus = STATUS_UNSUCCESSFUL;
Stream_Write_UINT32(irp->output, 0); /* Length */
}
- else if (!drive_file_query_directory(file, FsInformationClass, InitialQuery, path, PathLength,
- irp->output))
+ else if (!drive_file_query_directory(file, FsInformationClass, InitialQuery, path,
+ PathLength / sizeof(WCHAR), irp->output))
{
irp->IoStatus = drive_map_windows_err(GetLastError());
}

25
CVE-2022-41877.patch
View File

@ -1,25 +0,0 @@
From 6655841cf2a00b764f855040aecb8803cfc5eaba Mon Sep 17 00:00:00 2001
From: akallabeth <akallabeth@posteo.net>
Date: Mon, 24 Oct 2022 08:45:05 +0200
Subject: [PATCH] Fixed missing stream length check in
drive_file_query_directory
(cherry picked from commit 4e4bb79795d6ac85473fb7a83e53ccf63d204b93)
---
channels/drive/client/drive_main.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/channels/drive/client/drive_main.c b/channels/drive/client/drive_main.c
index 1b542252258..35dc704e099 100644
--- a/channels/drive/client/drive_main.c
+++ b/channels/drive/client/drive_main.c
@@ -629,6 +629,9 @@ static UINT drive_process_irp_query_directory(DRIVE_DEVICE* drive, IRP* irp)
Stream_Read_UINT32(irp->input, PathLength);
Stream_Seek(irp->input, 23); /* Padding */
path = (WCHAR*)Stream_Pointer(irp->input);
+ if (!Stream_CheckAndLogRequiredLength(TAG, irp->input, PathLength))
+ return ERROR_INVALID_DATA;
+
file = drive_get_file_by_id(drive, irp->FileId);
if (file == NULL)

13
freerdp.spec
View File

@ -1,6 +1,6 @@
Name: freerdp
Version: 2.8.1
Release: 4
Version: 2.10.0
Release: 1
Epoch: 2
Summary: A Remote Desktop Protocol Implementation
License: Apache-2.0
@ -8,12 +8,6 @@ URL: http://www.freerdp.com
Source0: https://github.com/FreeRDP/FreeRDP/archive/refs/tags/%{version}.tar.gz
Patch0001: Fix-freerdp-shadow-cli-exit-codes-for-help-and-version.patch
Patch0002: CVE-2022-39319.patch
Patch0003: CVE-2022-41877.patch
Patch0004: CVE-2022-39347.patch
Patch0005: CVE-2022-39316_CVE-2022-39317.patch
Patch0006: CVE-2022-39318.patch
Patch0007: CVE-2022-39320.patch
BuildRequires: gcc gcc-c++ alsa-lib-devel cmake >= 2.8 cups-devel gsm-devel libXrandr-devel libXv-devel
BuildRequires: libjpeg-turbo-devel libjpeg-turbo-devel libX11-devel libXcursor-devel libxkbfile-devel
@ -143,6 +137,9 @@ echo "%{_libdir}/freerdp2" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_
%{_mandir}/*/*
%changelog
* Sun Apr 23 2023 liyanan <thistleslyn@163.com> - 2:2.10.0-1
- upgrade 2.10.0
* Tue Dec 13 2022 liyanan <liyanan32@h-partners.com> - 2:2.8.1-4
- add requires systemd-pam