[X2Go-Commits] [x2goclient] 01/01: Update bundled VcXsrv from 1.15.2.3-xp+vc2013+x2go1 to 1.15.2.4-xp+vc2013+x2go1

git-admin at x2go.org git-admin at x2go.org
Sun Mar 1 02:47:02 CET 2015 

This is an automated email from the git hooks/post-receive script.

x2go pushed a commit to branch master
in repository x2goclient.

commit 3365117e4b0f0fed12e3d0812bb1647438873552
Author: Mike DePaulo <mikedep333 at gmail.com>
Date:   Sat Feb 28 20:33:58 2015 -0500

    Update bundled VcXsrv from 1.15.2.3-xp+vc2013+x2go1 to 1.15.2.4-xp+vc2013+x2go1
---
 copy-deps-win32.bat |    2 +-
 debian/changelog    |    9 ++++++---
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/copy-deps-win32.bat b/copy-deps-win32.bat
index 3d411a0..9c58739 100755
--- a/copy-deps-win32.bat
+++ b/copy-deps-win32.bat
@@ -8,7 +8,7 @@ xcopy /E /Y    D:\x2goclient-contrib\MinGW-DLLs\i686-4.8.2-release-posix-dwarf-r
 xcopy /E /Y    D:\x2goclient-contrib\MSVC-DLLs\2008-9.0.21022.8-x86 %1\
 xcopy /E /Y    D:\x2goclient-contrib\pulse\5.0-rev18_bin %1\
 xcopy /E /Y    D:\x2goclient-contrib\PuTTY\0.63_bin %1\
-xcopy /E /Y /I D:\x2goclient-contrib\VcXsrv\1.15.2.3-xp+vc2013+x2go1_bin %1\VcXsrv
+xcopy /E /Y /I D:\x2goclient-contrib\VcXsrv\1.15.2.4-xp+vc2013+x2go1_bin %1\VcXsrv
 xcopy /E /Y    D:\x2goclient-contrib\zlib\1.2.8_bin\zlib1.dll %1\
 xcopy /E /Y    D:\x2goclient-contrib\zlib\x86-mingw4-1.2.7-1_bin\bin\libz.dll %1\
 REM until Win32OpenSSL 1.0.1k comes out
diff --git a/debian/changelog b/debian/changelog
index bdf02b1..52c0157 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,9 +2,12 @@ x2goclient (4.0.4.0-0x2go1) UNRELEASED; urgency=low
 
   [ Mike DePaulo ]
   * New upstream release (4.0.4.0):
-    - Windows: Bundle new version of VcXsrv: 1.15.2.3-xp+vc2013+x2go1.
-      The difference from 1.15.2.2-xp+vc2013+x2go1 is that CVE-2015-0255
-      has been fixed.
+    - Windows: Update bundled VcXsrv from 1.15.2.2-xp+vc2013+x2go1 to
+      1.15.2.4-xp+vc2013+x2go1.
+      The differences are that CVE-2015-0255 has been fixed in VcXsrv
+      itself, and that VcXsrv's bundled version of freetype was updated
+      from 2.5.3 to 2.5.5.
+      This freetype update fixes CVE-2014-9656 through CVE-2014-9675.
     - Windows: Update bundled nxproxy (nx-libs-lite) from 3.5.0.27 to
       3.5.0.28.
     - Windows: Update bundled Cygwin libjpeg-turbo from 1.3.1-1 to 1.3.1-3.

--
Alioth's /srv/git/code.x2go.org/x2goclient.git//../..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git

More information about the x2go-commits mailing list