[X2Go-Commits] [x2goclient] 01/01: Windows: Update PuTTY from 0.68 to 0.70
git-admin at x2go.org
git-admin at x2go.org
Mon Feb 19 05:05:42 CET 2018
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository x2goclient.
commit b0a7b5c89f920b9416de426afcda7f42d5039493
Author: Mike DePaulo <mikedep333 at gmail.com>
Date: Sun Feb 18 23:08:27 2018 -0500
Windows: Update PuTTY from 0.68 to 0.70
---
copy-deps-win32.bat | 2 +-
debian/changelog | 5 +++++
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/copy-deps-win32.bat b/copy-deps-win32.bat
index 1fe50b5..6c3d32c 100755
--- a/copy-deps-win32.bat
+++ b/copy-deps-win32.bat
@@ -11,7 +11,7 @@ xcopy /E /Y %1\MinGW-DLLs\i686-4.8.2-release-posix-dwarf-rt_v3-rev3\libstdc++
xcopy /E /Y %1\MinGW-DLLs\i686-4.8.2-release-posix-dwarf-rt_v3-rev3\libwinpthread-1.dll %3\ || exit /b %errorlevel%
xcopy /E /Y %1\MSVC-DLLs\2013-12.0.21005.1-x86\msvcr120.dll %3\ || exit /b %errorlevel%
xcopy /E /Y %1\pulse\7.1-2.2_bin %3\ || exit /b %errorlevel%
-xcopy /E /Y %1\PuTTY\0.68_bin %3\ || exit /b %errorlevel%
+xcopy /E /Y %1\PuTTY\0.70_bin %3\ || exit /b %errorlevel%
xcopy /E /Y /I %1\VcXsrv\1.17.0.0-3_bin %3\VcXsrv || exit /b %errorlevel%
xcopy /E /Y %1\zlib\1.2.8_bin\zlib1.dll %3\ || exit /b %errorlevel%
xcopy /E /Y %1\zlib\x86-mingw4-1.2.7-1_bin\bin\libz.dll %3\ || exit /b %errorlevel%
diff --git a/debian/changelog b/debian/changelog
index 4c4a4b7..a0d78f4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,11 @@ x2goclient (4.1.1.2-0x2go1) UNRELEASED; urgency=medium
- src/sshmasterconnection.cpp: Do not attempt to perform Interaction with
SSH Server (e.g. for changing expired password) when using
GSSAPI/Kerberos because the interaction code does not support it yet.
+ - Windows: Update PuTTY from 0.68 to 0.70, which fixes PuTTY vulns
+ vuln-indirect-dll-hijack-2 & vuln-indirect-dll-hijack-3.
+ Note that x2goclient was only ever affected if the permissions on the
+ installation folder were changed to give users write access, or if
+ x2goclient was copied/extracted to a folder where users could write.
-- X2Go Release Manager <git-admin at x2go.org> Thu, 15 Feb 2018 22:01:32 +0100
--
Alioth's /home/x2go-admin/maintenancescripts/git/hooks/post-receive-email on /srv/git/code.x2go.org/x2goclient.git
More information about the x2go-commits
mailing list