[X2Go-Dev] schedule release of X2Go Client 4.0.2.0
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Mon Mar 31 16:09:59 CEST 2014
Hi Michael,
On Mo 31 Mär 2014 15:19:07 CEST, Michael DePaulo wrote:
> The latest version of VcXsrv, 1.15.0, contains the vulnerability
> CVE-2013-6462 in the component libXfont 1.4.6.
>
> The vulnerability is fixed in libXfont 1.4.7 and VcXsrv's master
> branch contains that update/fix.
>
> I just sent the VcXsrv developer "marha" a message through
> SourceForge.net. I am hoping he will respond soon. I would like to
> avoid releasing X2Go Client 4.0.2.0 with the vulnerable VcXsrv if at
> all possible. As I mentioned below, I'll try to compile VcXsrv's
> master branch if he will not release a new VcXsrv soon. I will also
> try to compile the master this evening if he does not respond by then.
>
> -Mike
are you sure you want to dive into building VcXsrv? We can also wait a
little more to get that fixed by marha.
Or we could release and provide builds for Win32 a little later.
On the other hand, it problable might be a benefit to be in charge of
your own VcXsrv builds. Maybe not now, but maybe later.
Greets,
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20140331/4b127e83/attachment.pgp>
More information about the x2go-dev
mailing list