Dear all,
the X2Go project is proud to announce a new release of the X2Go component ,,x2goserver''.
New gains of this version of ,,x2goserver'' are:
o Vulnerability fix. With previous version it was easily possible for an attacker to execute arbitrary code as uid x2gouser. o Parse profile/xprofile files on session start up o ... (see below) o Bug closures: #103, #149, #163, #200 (see below)
WARNING::: The above mentioned vulnerability fix demands that you
upgrade all your X2Go Server installations to version 4.0.0.2.
X2Go Component: x2goserver Version: 4.0.0.2 Status: RELEASE Date: Sun, 19 May 2013 00:54:34 +0200 Changes: x2goserver (4.0.0.2) RELEASED; urgency=low . [ Matthew L. Dailey ] * New upstream version (4.0.0.2): - Do parse profile/xprofile files in X2Go's Xsession file. (Fixes: #149). . [ Jan Engelhardt ] * New upstream version (4.0.0.2): - Use x2gopath in Perl scripts to set the lib path. (Fixes: #103). . [ Mike Gabriel ] * New upstream version (4.0.0.2): - Use make_path from File::Path in x2godbadmin to create user directory if not present. (Fixes: #200). - Security fix for setgid wrapper x2gosqlitewrapper.c. Hard-code path to x2gosqlitewrapper.pl during build via defining a macro in the Makefile. Thanks to Richard Weinberger for spotting this!!! /debian/control: + Let x2goserver bin:package depend on xfonts-base and fontconfig. (Fixes: #163). + Create session log symlink after launching x2goagent. Fix order of target and symlink name when executing the command.
Regards, Mike Gabriel
--
DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xf...