10 Jul
2015
10 Jul
'15
11:59 a.m.
Hi,
----- On 10 Jul, 2015, at 09:14, Henning Heinold h.heinold@tarent.de wrote:
x2go client could be affected when calling the broker via https.
A man in the middle attack is than possible, because the client will not validate the cert from the server correctly.
x2goclient only needs to take action where it bundles OpenSSL, so for example for the Mac binary client and possibly the Windows client. A simple rebuild with updated dependencies should be enough.
-- Clemens Lang