x2go-announcements May 2013

x2go-announcements@lists.x2go.org

1 participants
4 discussions

[X2Go-Announcement] X2Go Session Broker (0.0.2.2) released
by Mike Gabriel 25 May '13

25 May '13

Dear all, the X2Go project is proud to announce a new release of the X2Go component ,,x2gobroker''. The package has already been released earlier this week and is a follow-up of release 0.0.2.1. This version of ,,x2gobroker'' fixes an issue introduced by a security fix in 0.0.2.1: o Fix broken setuid calls of x2gobroker-agent o Bug closures: #216 X2Go Component: x2gobroker Version: 0.0.2.2 Status: RELEASE Date: Wed, 22 May 2013 17:32:03 +0200 Changes: x2gobroker (0.0.2.2) RELEASED; urgency=low . * New upstream version (0.0.2.2): - Convert unicode type host fields into single element lists. Fix UCCS+zeroconf tests. - Correctly incorporate path to x2gobroker-agent.pl into x2gobroker-agent setuid wrapper. (Fixes: #216). Regards, Mike Gabriel -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel(a)das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x…

1 0

[X2Go-Announcement] X2Go Debian Package Archive: provisioning of jessie packages
by Mike Gabriel 25 May '13

25 May '13

Dear all, this is to announce that from now on (some packages are still building) the X2Go package archive that provides Debian packages of X2Go [1] also offers packages of X2Go that have been built against Debian jessie (the new Debian testing version). We hope this is to the use of all! If you encounter dependency problems when installing X2Go packages under Debian jessie [2], please file a bug against X2Go BTS [3]. light+love Mike [1] http://packages.x2go.org/debian [2] deb http://packages.x2go.org/debian jessie main [3] http://wiki.x2go.org/doku.php/wiki:bugs -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel(a)das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x…

1 0

[X2Go-Announcement] X2Go Session Broker (0.0.2.1) released
by Mike Gabriel 19 May '13

19 May '13

Dear all, the X2Go project is proud to announce a new release of the X2Go component ,,x2gobroker''. New gains of this version of ,,x2gobroker'' are: o Vulnerability fix. With previous versions it was easily possible for an attacker to execute arbitrary code as uid root(!). o Fix setting X2GOBROKER_SESSIONPROFILES variable via WSGI SetEnv o Populate install stanza in Makefile (for RPM packaging) o Bug closures: #201, #210, #211 (see below) WARNING::: The above mentioned vulnerability fix demands that you upgrade all your X2Go Session Broker installations to version 0.0.2.1. X2Go Component: x2gobroker Version: 0.0.2.1 Status: RELEASE Date: Sun, 19 May 2013 12:41:06 +0200 Changes: x2gobroker (0.0.2.1) RELEASED; urgency=low . [ Mike Gabriel ] * New upstream version (0.0.2.1): - Remove trailing slashes from ManagementServer URLs. - In Apache2 vhost configuration example, move WSGI environment variable settings into VirtualHost setup. - Remove unused, not-yet-developed broker backends and frontends. - Remove old cruft from x2gobroker.conf. - Security fix for setuid wrapper x2gobroker-agent.c. Hard-code path to x2gobroker-agent.pl during build via defining a macro in the Makefile. Thanks to Richard Weinberger for spotting this!!! - Handle URLs in plain WebUI that have slashes (and subpaths) in the backend name. - In WSGI mode: only populate os.environ with variables matching »X2GOBROKER_*«. - Make X2GOBROKER_SESSIONPROFILES configurable via a SetEnv WSGI parameter in the httpd configuration possible. (Fixes: #210). * Provide init scripts and *.default files outside of /debian folder (as they are also relevant for non-Debian packaging). . [ Jan Engelhardt ] * New upstream version (0.0.2.1): - Populate install target of Makefile. (Fixes: #201). - Install man pages and default files through Makefile, as well. (Fixes: #211). Regards, Mike Gabriel -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel(a)das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x…

1 0

[X2Go-Announcement] X2Go Server (4.0.0.2) released
by Mike Gabriel 19 May '13

19 May '13

Dear all, the X2Go project is proud to announce a new release of the X2Go component ,,x2goserver''. New gains of this version of ,,x2goserver'' are: o Vulnerability fix. With previous version it was easily possible for an attacker to execute arbitrary code as uid x2gouser. o Parse profile/xprofile files on session start up o ... (see below) o Bug closures: #103, #149, #163, #200 (see below) WARNING::: The above mentioned vulnerability fix demands that you upgrade all your X2Go Server installations to version 4.0.0.2. X2Go Component: x2goserver Version: 4.0.0.2 Status: RELEASE Date: Sun, 19 May 2013 00:54:34 +0200 Changes: x2goserver (4.0.0.2) RELEASED; urgency=low . [ Matthew L. Dailey ] * New upstream version (4.0.0.2): - Do parse profile/xprofile files in X2Go's Xsession file. (Fixes: #149). . [ Jan Engelhardt ] * New upstream version (4.0.0.2): - Use x2gopath in Perl scripts to set the lib path. (Fixes: #103). . [ Mike Gabriel ] * New upstream version (4.0.0.2): - Use make_path from File::Path in x2godbadmin to create user directory if not present. (Fixes: #200). - Security fix for setgid wrapper x2gosqlitewrapper.c. Hard-code path to x2gosqlitewrapper.pl during build via defining a macro in the Makefile. Thanks to Richard Weinberger for spotting this!!! /debian/control: + Let x2goserver bin:package depend on xfonts-base and fontconfig. (Fixes: #163). + Create session log symlink after launching x2goagent. Fix order of target and symlink name when executing the command. Regards, Mike Gabriel -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel(a)das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.x…

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

x2go-announcements May 2013