This is an automated email from the git hooks/post-receive script. x2go pushed a commit to branch release/4.0.3.2-mswin in repository x2goclient. commit d0bbac1d574388b5b1c2ea6f520c54c19c0f445c Author: Mike DePaulo <mikedep333@gmail.com> Date: Sun Mar 29 13:16:00 2015 -0400 Update Cygwin bundle for openssl 1.0.2a-1 update --- copy-deps-win32.bat | 2 +- debian/changelog | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/copy-deps-win32.bat b/copy-deps-win32.bat index a291a72..ddc9d2a 100755 --- a/copy-deps-win32.bat +++ b/copy-deps-win32.bat @@ -1,4 +1,4 @@ -xcopy /E /Y D:\x2goclient-contrib\cygwin\20141018-4_bin %1\ +xcopy /E /Y D:\x2goclient-contrib\cygwin\20141018-5_bin %1\ del %1\nxproxy.exe.unstripped %1\libXcomp.a %1\libXcomp.dll.a xcopy /E /Y D:\x2goclient-contrib\libssh\0.6.4-x2go1-mingw482_bin\bin\libssh.dll %1\ xcopy /E /Y D:\x2goclient-contrib\libzip\0.9.3_bin\bin\libzip.dll %1\ diff --git a/debian/changelog b/debian/changelog index 9ef7533..8b2d589 100644 --- a/debian/changelog +++ b/debian/changelog @@ -12,6 +12,8 @@ x2goclient (4.0.3.2-20150329) unstable; urgency=medium to 1.4.9 (Fixes CVE-2015-1802 through CVE-2015-1804) + VcXsrv's bundled version of freetype was updated from 2.5.3 to 2.5.5 (fixes CVE-2014-9656 through CVE-2014-9675) + - Windows: Update bundled Cygwin openssl from 1.0.1k-1 to 1.0.2a-1. + This update fixes the multiple CVEs announced on 2015-03-19 -- Mike DePaulo <mikedep333@gmail.com> Sun, 29 Mar 2015 15:11:00 -0500 -- Alioth's /srv/git/code.x2go.org/x2goclient.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goclient.git