[X2Go-Commits] page changed: doc:release-notes-mswin:x2goclient-4.0.3.2

Mon Mar 30 01:07:57 CEST 2015

A page in your DokuWiki was added or changed. Here are the details:

Date        : 2015/03/29 23:07
Browser     : Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36
IP-Address  : 71.175.97.130
Hostname    : pool-71-175-97-130.phlapa.fios.verizon.net
Old Revision: http://wiki.x2go.org/doku.php/doc:release-notes-mswin:x2goclient-4.0.3.2?rev=1427664755
New Revision: http://wiki.x2go.org/doku.php/doc:release-notes-mswin:x2goclient-4.0.3.2
Edit Summary: [Security Update: 4.0.3.2-20150329] Whoops, the prior version of VcXsrv was 1.15.2.4
User        : mikedep333

@@ -3,18 +3,15 @@
  ===== Security Update: 4.0.3.2-20150329 =====
  
  On 2015-03-29, 4.0.3.2-20150329 was released with the following changes:
  <code>
-     - Windows: Update bundled VcXsrv from 1.15.2.2-xp+vc2013+x2go1 to
+     - Windows: Update bundled VcXsrv from 1.15.2.4-xp+vc2013+x2go1 to
        1.15.2.5 (X2Go/Arctica Build)
        The differences relevant to
X2Go are:
-         + CVE-2015-0255 was fixed in VcXsrv itself
          + VcXsrv's bundled version of openssl was updated from 1.0.1k
            to 1.0.1m (fixes the multiple CVEs announced on 2015-03-19)
          + VcXsrv's bundled version of libXfont was updated from 1.4.8
            to 1.4.9 (Fixes CVE-2015-1802 through CVE-2015-1804)
-         + VcXsrv's bundled version of freetype was updated from 2.5.3
-           to 2.5.5 (fixes CVE-2014-9656 through CVE-2014-9675)
      - Windows: Update bundled Win32 OpenSSL from 1.0.1L to 1.0.1m,
        which fixes the multiple CVEs announced on 2015-03-19.
      - Windows: Update bundled PuTTY from 0.63 to 0.64.
        In addition to other changes, CVE-2015-2157 has been fixed.



-- 
This mail was generated by DokuWiki at
http://wiki.x2go.org/

