x2go-announcements July 2015

x2go-announcements@lists.x2go.org

2 participants
4 discussions

X2Go Client for Windows (4.0.5.0-2015.07.31) released
by Stefan Baur 31 Jul '15

31 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 (I'm posting this on behalf of Mike DePaulo, who is having some technical issues with his e-mail program right now.) - ---------------------------------------------------------------------- Dear all, This is to announce a new release of X2Go Client for Windows: 4.0.5.0-2015.07.31 This is 1st release of X2Go Client 4.0.5.0 for Windows. There are no changes since 4.0.5.0 itself; all of the changes are reflected in the 4.0.5.0 changelog. However, the 4.0.5.0 changelog lists certain security updates that were already included in 4.0.4.0.2015.06.24. The only security update since 4.0.4.0-2015.06.24 is the fix for OpenSSL CVE-2015-1793. The X2Go Project believes that X2Go Client for Windows 4.0.4.0-2015.06.24 and prior are affected by CVE-2015-1793 when connecting to a session broker via HTTPS. Therefore, Windows users that connect to session brokers via HTTPS are encouraged to upgrade to 4.0.5.0 ASAP. Note that there will be no more updates, not even security updates, for 4.0.4.x. You *must* upgrade to 4.0.5.x to receive future security updates. Also, a very important change was made in order to fix bug #696. This change means that many sessions started on X2Go Client for Windows 4.0.4.0 cannot be resumed on 4.0.5.0 at all. More details are in the Release Notes wiki page, ALL USERS SHOULD READ THEM. http://wiki.x2go.org/doku.php/doc:release-notes-mswin:x2goclient-4.0.5.0 Regards, Mike DePaulo - ---------------------------------------------------------------------- Kind Regards, Stefan Baur, X2Go Project/Community Manager - -- BAUR-ITCS UG (haftungsbeschränkt) Geschäftsführer: Stefan Baur Eichenäckerweg 10, 89081 Ulm | Registergericht Ulm, HRB 724364 Fon/Fax 0731 40 34 66-36/-35 | USt-IdNr.: DE268653243 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJVu4JrAAoJEG7d9BjNvlEZQ/kIAKcXDNHd+DyLBH+uGbupfdV3 XTp0SxlEUZHMSqaIqdMCNmVsuDbbRpSiThtFqJsVlnX4UTnyY5e8YMbqHYh05PQb uPFPS21v0hGVXVfIfvNh88TH3/c4KCWWT57/EiWP4Me3+Ef+B6iY9rCKpHWz9Cg+ tIDMg82nKzchxs+6ii8ogZNkQGRrA/tD4uQXySaNgrrQYsSndREyGBgOHxLSwE7U Ab2SMEmo/Ouf/TPMKmzmjahjRlDEWKgxjXZEq73VjoRmdbjLNz0By4U5n6A3mek8 xtK0qbBW50OaFy1OvaAk2fO5wy9TFH845wSYYBu1W2ikQZ0zj0bwZq3OtMmwnc8= =yHe8 -----END PGP SIGNATURE-----

1 0

X2Go Client 4.0.5.0 released
by Mihai Moldovan 31 Jul '15

31 Jul '15

Dear all The X2Go project is proud to announce a new release of the X2Go component ,,x2goclient''. New gains of this version of ,,x2goclient'' are: o Fixes for scdaemon - now also looks in /usr/lib/gnupg2/. The binary was moved to this location in Debian-based distributions. o All sh invocations now use bash. o Kerberos/GSSAPI fixes, most prominently for OS X. o Packaging changes to make parallel installations of X2Go Client and TheQVD client possible. o Drop unneeded DLL files on Windows. o lrelease calls simplified for better cross-compiling support. o [INCOMPATIBLE] Windows that are maximized on left-hand-side, secondary displays do not lose window decorations anymore. Thanks to Jon Turney for his help in debugging and fixing this issue. o [INCOMPATIBLE] Changing a display's resolution does not make window decorations disappear anymore. Thanks to Jon Turney for his help in debugging and fixing this issue. o [INCOMPATIBLE] Sessions started by the Windows-version of X2Go Client will now be resumable on Linux and OS X as well. The X2Go Project thanks Henning Heinold and Jon Turney for their contributions. *** IMPORTANT NOTICE FOR WINDOWS USERS *** This release of X2Go Client may be incompatible with sessions started with previous versions of X2Go Client. This change was deliberate to, oddly, increase cross-platform compatibility. If you see error messages that state: "Failed to restore all the required visuals. Can't resume the NX session on this display." Please restart the affected sessions. To do so, log in to the machine in question via SSH, get a session list via x2golistsessions (or x2golistsessions_root as root to see all sessions) and terminate them via x2go-terminate <session_id>. The session ID is the entire second column in x2golistsessions(_root)'s output. *** IMPORTANT NOTICE FOR WINDOWS USERS *** X2Go Component: x2goclient Version: 4.0.5.0 Status: RELEASE Date: Tue, 28 Jul 2015 04:48:20 +0200 Fixes these bug report(s): 696 882 901 909 911 Changes: x2goclient (4.0.5.0) RELEASED; urgency=low . [ Mihai Moldovan ] * New upstream release (4.0.5.0): - INSTALL: add more verbose instructions on how to build X2Go Client and friends. - onmainwindow.{cpp,h}: rename slotScDaemonOut() and slotScDaemonError() to slotScDaemonStdOut() and slotScDaemonStdErr(). I will need slotScDaemonError() later and the previous names were a bit of a misnomer. - x2goutils.{cpp,h}: add new show_RichText_Generic_MsgBox() main function designed to replace the show_RichText_WarningMsgBox() function. - x2goutils.{cpp,h}: make show_RichText_WarningMsgBox() use show_RichText_Generic_MsgBox (). - x2goutils.{cpp,h}: new show_RichText_ErrorMsgBox() function as a wrapper for show_RichText_Generic_MsgBox() with a critical icon. - onmainwindow.{cpp,h}: properly handle scdaemon errors with a message box and close the client. - onmainwindow.cpp: manipulate PATH and append /usr/lib/gnupg2/ to it when starting scdaemon. Fixes: #882. - x2goutils.h: add QMessageBox include, fixed compile error. - onmainwindow.cpp: fix typos leading to compile errors. - onmainwindow.cpp: add blocks to switch cases to fix a compile error. Also correctly append to informative_text on one occasion, instead of overwriting it. - x2goutils.cpp: correct typo to fix compile errors. - onmainwindow.cpp: drop a redundant variable and fix empty env check. - onmainwindow.cpp: add more newlines to scdaemon error output. Use trayQuit() method to really quit the client. - onmainwindow.cpp: add debugging output for new scdaemon PATH value. - onmainwindow.cpp: split up PATH value as printed in the error message box by a newline every 100 characters. Makes it look less ugly and fixes truncation issues. - sshprocess.cpp: export PATH variable when running commands. Otherwise, only the first one will respect the new PATH value. - sshprocess.cpp: wrap SSH command prelude and conclusion in double quotes. - sshprocess.cpp: wrap all remote commands with "bash" instead of the unspecific "sh". - onmainwindow.cpp: try to escape shell quotes correctly when using Kerberos/GSSApi when running the xmodmap keyboard sync command on OS X. - onmainwindow.cpp: also escape other shell quotes when using Kerberos/GSSApi. - onmainwindow.cpp: silence compiler warning by casting an int value to std::size_t. - onmainwindow.cpp: silence another compiler warning by not converting from string to int and back to string needlessly. Just use the string. No need for an OS X-specific variable anymore. - onmainwindow.cpp: fix compile error - use QString.toAscii () to get a valid C string representation for tr (). - onmainwindow.cpp: don't terminate if scdaemon exited with non-zero exit code. - sshprocess.cpp: don't use QProcess::start (QString). Qt is trying to be too smart and causes big trouble. Instead, use QProcess::start (QString, QStringList) and pass the arguments as a list. On Windows, Qt will automatically double quote the arguments and duplicate escaped double quotes or escape non-escaped double quotes. On UNIX-like platforms, each element of the list is passed as a unique argv element, so there's no need for quoting them (that's only a shell-internal thing to group arguments.) - sshprocess.cpp: add a bit more debugging - also print out the unmodified raw output of SSH commands. - onmainwindow.cpp: remove now-bogus double quote escaping. - sshmasterconnection.cpp: port QProcess::start () change. - sshprocess.cpp: whitespace/prettify only and a compile fix. - x2goclient.pro: reinstate old lrelease "search" behavior if qtPrepareTool() is not available. This should only happen on EPEL 6, which ships a broken Qt4 version... - onmainwindow.cpp: only set multidisplay mode for non-rootless sessions. - {ui/xsettingsui.ui,xsettingswidget.cpp}: add new "whole display" option for external X server configuration. Part of #883. - onmainwindow.cpp: rename "optionsmd" setting to "optionswholedisplay", which is more clear. - xsettingswidget.cpp: fix compile error: settings -> setting. - sessionmanagedialog.cpp: enable some debugging and make selected sessions configureable or deletable. Fixes: #909. . [ Mike Gabriel ] * debian/control: + Add alternative D for nxproxy: qvd-nxproxy. Allows parallel installation of X2Go Client and the TheQVD client (perl-qvd-client). . [ Mike DePaulo ] - Windows: Update bundled Win32 OpenSSL from 1.0.1m to 1.0.1p, which fixes the multiple CVEs announced on 2015-06-11 and CVE-2015-1793 (announced on 2015-07-09). - Windows: Upgrade the MSVC 2008 DLLs (9.0.21022.8) to the MSVC 2013 DLLs (12.0.21005.1), which Win32 OpenSSL now requires. - Windows: Only bundle msvcr120.dll; The other 2 MSVC DLLs aren't needed by Win32 OpenSSL. - Windows: Update bundled Cygwin OpenSSL from 1.0.2a-1 to 1.0.2d-1, which which fixes the multiple CVEs announced on 2015-06-11 and CVE-2015-1793 (announced on 2015-07-09). - Windows: Update bundled VcXsrv from 1.17.0.0-1 (X2Go/Arctica Build) to 1.17.0.0-3 (X2Go/Arctica Build) The differences relevant to X2Go are: + VcXsrv's bundled version of openssl was updated from 1.0.2a to 1.0.2d (fixes the multiple CVEs announced on 2015-06-11 and CVE-2015-1793 (announced on 2015-07-09). + Drop winmultiwindow.patch (Part of #883) + hw/xwin/glx: Don't create fbConfigs for un-accelerated pixelFormats This has the effect of disabling StaticColor under MultiWindow mode with -wgl (default) and -swrastwgl, and thus making X2Go sessions started from the Windows client able to be resumed on the client on a different OS or the client runing on Windows with different display settings. (Fixes: #696) - Linux: Fix desktop session icons (.desktop files) failing due to missing space between "x2goclient" and its 1st argument (e.g. "--session") (Fixes: #911) . [ Henning Heinold ] * New upstream release (4.0.5.0): - x2goclient.pro: simplify lrelease path preparing for different OS and cross compiling. Fixes: #901. . [ Oleksandr Shneyder ] * New upstream release (4.0.5.0): - onmainwindow.{cpp,h}: fix multimonitor mode on Windows. Run VcXsrv on selected screen without decorations. Regards, Mihai Moldovan

1 2

Python X2Go (0.5.0.4) released
by Mihai Moldovan 28 Jul '15

28 Jul '15

Dear all The X2Go project is proud to announce a new release of the X2Go component ,,python-x2go''. New gains of this version of ,,python-x2go'' are: o "fuse" group does not exist anymore on Debian. Switch to checking for the "fusermount" binary and assume all users may use fuse if installed. o Debian packaging: make PyHoca-CLI/GUI co-installable with TheQVD client. o Misc. bugfixes. X2Go Component: python-x2go Version: 0.5.0.4 Status: RELEASE Date: Tue, 28 Jul 2015 21:26:48 +0200 Changes: python-x2go (0.5.0.4) RELEASED; urgency=medium . [ Mike Gabriel ] * New upstream version (0.5.0.4): - No such constant loglevel_WARNING, must be logolevel_WARN. - End session gracefully if we fail setting up the SSH agent forwarding socket. - Don't check for "fuse" group membership to decide if a user can use sshfs. The "fuse" group has been dropped from Debian jessie and beyond. Furthermore, some openSUSE versions use the "trusted" group for granting (and never used a group named fuse). * debian/control: + Allow qvd-nxproxy as an alternative to nxproxy. Allows co-installation of PyHoca-CLI+GUI and the TheQVD client. Regards, Mihai Moldovan

1 0

NX redistributed (3.5.0.32) released
by Mihai Moldovan 04 Jul '15

04 Jul '15

Dear all The X2Go project is proud to announce a new release of the X2Go component ,,nx-libs''. New gains of this version of ,,nx-libs'' are: o Proper integration of all patches in the source tarballs. Bugs in the tarball generation script and patch file names prohibited inclusion of many patches previously, including security fixes. o OS X build fixes. o Better support for debug (DEBUG, TEST, TRACE and other directives) builds, in part thanks to Nito Martinez. o Build fixes due to underlinking of libdl thanks to Bernard Cafarelli. o Retroactively document correct GPLv2 licensing of previously potentially offending DXPC code. o Help text fixups. o Restart reading if interrupted, gets rid of "Negotiation in stage 10" errors thanks to Vadim Troshchinskiy. o A dozen X.Org Server fixes backported by Ulrich Sibiller. The X2Go Project thanks Bernard Cafarelli, Nito Martinez (Qindel Group), Vadim Troshchinskiy (Qindel Group) and Ulrich Sibiller for their contributions. X2Go Component: nx-libs Version: 2:3.5.0.32 Status: RELEASE Date: Sat, 04 Jul 2015 04:44:00 +0200 Fixes these bug report(s): 853 893 Changes: nx-libs (3.5.0.32) RELEASED; urgency=low . [ Mihai Moldovan ] * Only use the first three numbers in the full version for current_version on OS X. ld(1) on 10.6 fails otherwise. Affected: - 0420_nxcomp_use-correct-library-naming-scheme-on-OS-X.full+lite.patch - 0620_nxcompext_use-correct-library-naming-scheme-on-OS-X.full.patch - 0621_nxcompshad_use-correct-library-naming-scheme-on-OS-X.full.patch * nx-X11: handle source pictures (those without a Drawable surface) gracefully. Adds: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: fix typo in previous patch. Affects: - 0017_nx-X11_fix-SetPictureFilter.full.patch * nx-X11: add more NULL guards to TEST and DEBUG sections of Render.c. Affects: - 0990_fix-DEBUG-and-TEST-builds.full.patch * CVE patches were previously not included in release tarballs. Rename: - 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch => 1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-.full.patch - 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch => 1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch - 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch => 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch - 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch => 1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch - 1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch => 1005-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch => 1006-CVE-2014-0209-integer-overflow-of-realloc-size-.full.patch - 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch => 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_co.full.patch - 1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch => 1008-Don-t-crash-when-we-receive-an-FS_Error-from-th.full.patch - 1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch => 1009-CVE-2014-0210-unvalidated-lengths-when-reading-.full.patch - 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch => 1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-.full.patch - 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch => 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch => 1012-CVE-2014-0211-integer-overflow-in-fs_read_exten.full.patch - 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch => 1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyp.full.patch - 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch => 1014-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch => 1015-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1016-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch => 1017-CVE-2014-0210-unvalidated-length-fields-in-fs_r.full.patch - 1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch => 1018-unchecked-malloc-may-allow-unauthed-client-to-c.full.patch - 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch => 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch - 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch => 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-.full.patch - 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch => 1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8.full.patch - 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch => 1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-.full.patch - 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch => 1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls.full.patch - 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch => 1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-.full.patch - 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch => 1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDL.full.patch - 1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch => 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch - 1027-render-check-request-size-before-reading-it-CVE-2014.patch => 1027-render-check-request-size-before-reading-it-CVE.full.patch - 1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch => 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch - 1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch => 1029-xfixes-unvalidated-length-in-SProcXFixesSelectS.full.patch - 1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch => 1030-randr-unvalidated-lengths-in-RandR-extension-sw.full.patch - 1031-glx-Be-more-paranoid-about-variable-length-requests-.patch => 1031-glx-Be-more-paranoid-about-variable-length-requ.full.patch - 1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch => 1032-glx-Be-more-strict-about-rejecting-invalid-imag.full.patch - 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch => 1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer.full.patch - 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch => 1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-.full.patch - 1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch => 1035-glx-Length-checking-for-GLXRender-requests-v2-C.full.patch - 1036-glx-Integer-overflow-protection-for-non-generated-re.patch => 1036-glx-Integer-overflow-protection-for-non-generat.full.patch - 1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch => 1037-glx-Top-level-length-checking-for-swapped-Vendo.full.patch - 1038-glx-Length-checking-for-non-generated-single-request.patch => 1038-glx-Length-checking-for-non-generated-single-re.full.patch - 1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch => 1039-glx-Length-checking-for-RenderLarge-requests-v2.full.patch - 1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch => 1040-glx-Pass-remaining-request-length-into-varsize-.full.patch - 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch => 1041-nx-X11-lib-font-fc-fserve.c-initialize-remainin.full.patch - 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch => 1042-Do-proper-input-validation-to-fix-for-CVE-2011-.full.patch - 1101-Coverity-844-845-846-Fix-memory-leaks.patch => 1101-Coverity-844-845-846-Fix-memory-leaks.full.patch - 1102-include-introduce-byte-counting-functions.patch => 1102-include-introduce-byte-counting-functions.full.patch - 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch => 1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input.full.patch - 1104-xkb-Check-strings-length-against-request-size.patch => 1104-xkb-Check-strings-length-against-request-size.full.patch * debian/rolltarball.sh: Cherry-picked from Arctica GH 3.6.x branch. . - Use more quotes. Fixes potential bugs, including one triggered by an unquoted hash within the command line. BASH accepts this. Other shells do not (i.e., treat everything following the hash character as a comment.) - Convert tabs to spaces for consistency. - Use more curly braces. Prevents random characters as being treated as part of a variable name. - Don't escape last newline of a multiline command. Worked out fine so far, because the next line was empty, but this can easily change... * README.keystrokes: Backported from Arctica GH 3.6.x branch. Affects: + 0320_nxagent_configurable-keystrokes.full.patch . - Copy actions documentation from the wiki. - Add documentation for branding behavior. - Remove accidentally copied Dokuwiki syntax. * debian/keystrokes.cfg: fix whitespace errors. Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: also create libXinerama symlink in libnx-xinerama1.postinst.postinst (and remove in libnx-xinerama1.postinst.prerm.) Backported from Arctica GH 3.6.x branch. * debian/libnx-xinerama1.*: move Xinerama dir back to nx-x11-common. Only delete known files. Fixes RPM build failures. Backported from Arctica GH 3.6.x branch. * nx-libs.spec: actually create libXinerama.so.1 symlink during build phase. Backported from Arctica GH 3.6.x branch. * debian/control: workaround missing dependencies of nxagent on Ubuntu for now. * debian/libnx-xinerama1.*: fix faulty logic when creating symlinks. Backported from Arctica GH 3.6.x branch. * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1027-render-check-request-size-before-reading-it-CVE.full.patch * Security Fixes: - X.Org CVE-2014-8100: v3: port to NXrender.c rather than render.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1028-render-unvalidated-lengths-in-Render-extn.-swap.full.patch * nxcomp/Misc.cpp: fix build failure introduced in a27a8aae3ca7a3f70e05152ac3d347942e11159d. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch * Security Fixes: - X.Org CVE-2013-4396: v2: Apply to NXdixfonts.c rather than dixfonts.c (Mike DePaulo) v3: backport v2 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageT.full.patch * Security Fixes: - X.Org CVE-2014-8092: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8.full.patch * Security Fixes: - X.Org CVE-2015-3418: v3: port to NXdispatch.c rather than dispatch.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * Security Fixes: - X.Org CVE-2014-8099: v3: port to NXxvdisp.c rather than xvdisp.c (Mike DePaulo) v4: backport v3 to nx-libs 3.5.0.x (Mihai Moldovan) Changes: + 1026-Xv-unvalidated-lengths-in-XVideo-extension-swap.full.patch . [ Bernard Cafarelli ] * nx-X11: link to libdl to fix undefined references to 'dlopen' and 'dlsym'. Fixes: #853. v2: generally link to libdl in all of nx-X11. (Mike Gabriel) Adds: - 0630_nx-X11_fix-underlinking-dlopen-dlsym.full.patch . [ Mike Gabriel ] * Security Fixes: - X.Org CVE-2013-7439: 1200-CVE-2013-7439-MakeBigReq-don-t-move-the-last-wo.full.patch * nx-X11: Prevent underlinking by linking to libNX_X{11,damage,fixes). Adds: - 0640_nx-X11_fix-underlinking-libNX_Xcomposite_damage_fixes.full.patch * nxcompshad: Prevent underlinking by linking to libNX_Xext. Adds: - 0650_nxcompshad_link-to-NX_Xext.full.patch * Security Fixes: - X.Org CVE-2015-3418: 1210-CVE-2015-3418-dix-Allow-zero-height-PutImage-re.full.patch * debian/roll-tarball.sh: + Make sure *.keyboard, debian/**, nx-libs.spec, .pc/** don't end up in tarball (special focus on the nx-libs-lite tarball). + Allow patch files names having a dash next to the four digits (i.e., 1234-<patchname>.<suffix>). + Support tarring up the HEAD of the current branch. * debian/COPYING.full+lite: + Replace content with GPL-2 license text, because that is the overall (i.e., strictest) license we have to deal with in nx-libs. * Add 9900-dxpc-license-history.full+lite.patch. Document license history of DXPC (where nxcomp got forked from). Backported from Arctica GH 3.6.x branch. * nxcomp/README.on-retroactive-DXPC-license: Some layout and interpunctuation fixes. Backported from Arctica GH 3.6.x branch. Affects: - 9900-dxpc-license-history.full+lite.patch . [ Nito Martinez ] * nxcomp: fix DEBUG, TEST, DUMP, FLUSH, TOKEN, PING, MIXED et al builds. Adds: - 0992_fix-DEBUG-TEST-DUMP-FLUSH-TOKEN-PING-et-al-builds.full+lite.patch . [ Vadim Troshchinskiy ] * nxcomp: fix "negotiation in stage 10" error. v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0660_nxcomp_fix-negotiation-in-stage-10-error.full+lite.patch . [ Emanuele Giaquinta ] * nx-X11: Fix alpha premultiplication in XRenderParseColor. Fixes: #893. v2: backport to nx-libs 3.6.x (Mike Gabriel) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 0040_nx-X11_Fix-alpha-premultiplication-in-XRenderPa.full.patch . [ Michael DePaulo ] * {nx-X11,nxproxy}: correct manpages: --help -> -help xorg-server does not follow the convention of using 2 dashes. Note that --help does produce the help output. However, it produces this additional output after it: Error: Aborting session with 'Unrecognized option: --help'. Session: Aborting session at 'Sun Jun 28 01:35:35 2015'. Session: Session aborted at 'Sun Jun 28 01:35:35 2015'. It also causes a return code of 1 rather than 0. Therefore, we should instruct users to call -help instead. . v2: backport to nx-libs 3.5.0.x (Mihai Moldovan) Affects: - 0009_nxagent_add-man-page.full.patch - 0009_nxproxy_add-man-page.full+lite.patch - 0209_x2goagent_add-man-page.full.patch . [ Ulrich Sibiller ] * nx-X11: Bug 51375: Xorg doesn't set status for RRGetOutputInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1250_nx-X11_Bug-51375-Xorg-doesn_t-set-status-for-RR.full.patch * nx-X11: Drop a reference to user mode after create Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1251_nx-X11_Drop-a-reference-to-user-mode-after-crea.full.patch * nx-X11: Free randr crtc and output pointer arrays Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1252_nx-X11_Free-randr-crtc-and-output-pointer-array.full.patch * nx-X11: randr: check for virtual size limits before set crtc Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1253_nx-X11_randr-check-for-virtual-size-limits-befo.full.patch * nx-X11: randr: fix server crash in RRGetScreenInfo Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1254_nx-X11_randr-fix-server-crash-in-RRGetScreenInf.full.patch * nx-X11: RRModeCreate: plug memory leak of newModes if AddResource fails Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1255_nx-X11_RRModeCreate-plug-memory-leak-of-newMode.full.patch * nx-X11: ProcRRGetScreenInfo: swap configTimestamp as well Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1256_nx-X11_ProcRRGetScreenInfo-swap-configTimestamp.full.patch * nx-X11: randr: Fix REQUEST vs. REQUEST_SIZE_MATCH mismatch Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1257_nx-X11_randr-Fix-REQUEST-vs-REQUEST_SIZE_MATCH-.full.patch * nx-X11: randr: Clean up compiler warnings about unused and shadowing variables Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1258_nx-X11_randr-Clean-up-compiler-warnings-about-u.full.patch * nx-X11: Make RANDR 'set' timestamps follow client specified time. Bug 21987. Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1259_nx-X11_Make-RANDR-_set_-timestamps-follow-clien.full.patch * nx-X11: xserver: Avoid sending uninitialized padding data over the network Backported from Arctica GH 3.6.x branch. v2: backport to nx-libs 3.6.x (Ulrich Sibiller) v3: backport to nx-libs 3.5.0.x (Mihai Moldovan) Adds: - 1260_nx-X11_xserver-Avoid-sending-uninitialized-padd.full.patch Regards, Mihai Moldovan

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

x2go-announcements July 2015