TLDR: I released X2Go Client for Windows 4.0.2.1+hotfix1+build2 in order to update the bundled openssl to 1.0.1i (security fixes), but bug #564 was introduced and it is bad enough that I do not recommend using it yet. Continue to use 4.0.2.1+hotfix1. X2Go Devs, I also want to know if I should announce the release anyway on x2go-announcements.
So I released X2Go Client for Windows 4.0.2.1+hotfix1+build2 in the sense that I did the following:
However, I did not do the following yet:
I haven't announced it yet because I discovered bug #564 while testing it http://bugs.x2go.org/cgi-bin/bugreport.cgi?bug=564
As I explained in the bug report, I am shocked that a regression like this was introduced because I thought that openssl 1.0.1* updates were very unlikely to introduce regressions. And I thought that there was never a need to recompile anything due to these updates. (If 1.0.2 or 1.1.0 came out, then there would be a need to recompile.) This is why I didn't test the updated build of x2goclient before posting it to code.x2go.org/releases/ .
I will look into this further tomorrow. In the meantime, I recommend staying with 4.0.2.1+hotfix1 until I fix this bug (or someone else fixes it.)
I also want to know if I should announce the release anyway on x2go-announcements.
-Mike#2