User Tools

Site Tools


doc:release-notes-mswin:x2goclient-4.0.3.2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
doc:release-notes-mswin:x2goclient-4.0.3.2 [2015/02/25 12:18]
mikedep333 Security Update: 4.0.3.2-20150224
doc:release-notes-mswin:x2goclient-4.0.3.2 [2015/03/29 21:32]
mikedep333 4.0.3.2-20150329
Line 1: Line 1:
 ====== Windows-Specific Release notes for X2Go Client 4.0.3.2 ====== ====== Windows-Specific Release notes for X2Go Client 4.0.3.2 ======
  
 +===== Security Update: 4.0.3.2-20150301 =====
 +
 +On 2015-03-29, 4.0.3.2-20150329 was released with the following changes:
 +<code>
 +    - Windows: Update bundled VcXsrv from 1.15.2.2-xp+vc2013+x2go1 to
 +      1.15.2.5 (X2Go/Arctica Build)
 +      The differences relevant to X2Go are:
 +        + CVE-2015-0255 was fixed in VcXsrv itself
 +        + VcXsrv's bundled version of openssl was updated from 1.0.1k
 +          to 1.0.1m (fixes the multiple CVEs announced on 2015-03-19)
 +        + VcXsrv's bundled version of libXfont was updated from 1.4.8
 +          to 1.4.9 (Fixes CVE-2015-1802 through CVE-2015-1804)
 +        + VcXsrv's bundled version of freetype was updated from 2.5.3
 +          to 2.5.5 (fixes CVE-2014-9656 through CVE-2014-9675)
 +    - Windows: Update bundled Win32 OpenSSL from 1.0.1L to 1.0.1m,
 +      which fixes the multiple CVEs announced on 2015-03-19.
 +    - Windows: Update bundled PuTTY from 0.63 to 0.64.
 +      In addition to other changes, CVE-2015-2157 has been fixed.
 +    - Windows: Update bundled Cygwin openssl from 1.0.1k-1 to 1.0.2a-1.
 +      This update fixes the multiple CVEs announced on 2015-03-19
 +</code>
 +As with most vulnerabilities in 3rd party software, the X2Go project has not done an analysis of whether X2Go Client was actually affected by these vulnerabilities. However, as a precaution, we strongly encourage all users to update.
 +===== Security Update: 4.0.3.2-20150301 =====
 +
 +On 2015-03-01, 4.0.3.2-20150301 was released with the following changes:
 +
 +    - Windows: Update bundled VcXsrv from 1.15.2.3-xp+vc2013+x2go1 to 1.15.2.4-xp+vc2013+x2go1. The difference is that VcXsrv's bundled version of freetype was updated from 2.5.3 to 2.5.5. This freetype update fixes CVE-2014-9656 through CVE-2014-9675.
 +
 +As with most vulnerabilities in 3rd party software, the X2Go project has not done an analysis of whether X2Go Client was actually affected by these vulnerabilities. However, as a precaution, we strongly encourage all users to update.
 ===== Security Update: 4.0.3.2-20150224 ===== ===== Security Update: 4.0.3.2-20150224 =====
  
Line 18: Line 47:
 ===== Available Builds ===== ===== Available Builds =====
  
-All builds with version "4.0.3.2-20150224" in their filename are current.+All builds with version "4.0.3.2-20150301" in their filename are current.
  
 ==== Current Builds ==== ==== Current Builds ====
  
-The regular build, x2goclient-4.0.3.2-20150224-setup.exe, is available under this folder: +The regular build, x2goclient-4.0.3.2-20150329-setup.exe, is available under this folder: 
-  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150224/+  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150329/
  
-A debug build, x2goclient-4.0.3.2-20150224-debug-setup.exe, is also available under the folder listed below. If you experience a bug and would like to assist with debugging it, this build is for you.+A debug build, x2goclient-4.0.3.2-20150329-debug-setup.exe, is also available under the folder listed below. If you experience a bug and would like to assist with debugging it, this build is for you.
  
-  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150224/non-default-builds/+  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150329/non-default-builds/
  
 ==== Previous Builds ==== ==== Previous Builds ====
  
-The regular build, x2goclient-4.0.3.2-20150219-setup.exe, is available under this folder:+The regular builds, x2goclient-4.0.3.2-20150219-setup.exe through x2goclient-4.0.3.2-20150224-setup.exe, are available under these folders: 
 +  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150301/ 
 +  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150224/
   * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150219/   * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150219/
  
-debug build, x2goclient-4.0.3.2-20150219-debug-setup.exe, is also available under the folder listed below. If you experience a bug and would like to assist with debugging it, this build is for you. +The debug builds, x2goclient-4.0.3.2-20150219-debug-setup.exe through x2goclient-4.0.3.2-20150301-setup.exe, are also available under these folders. If you experience a bug and would like to assist with debugging it, these builds are for you. 
 +  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150301/non-default-builds/ 
 +  * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150224/non-default-builds/
   * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150219/non-default-builds/   * http://code.x2go.org/releases/binary-win32/x2goclient/releases/4.0.3.2-20150219/non-default-builds/
 ===== Supported Windows Versions ===== ===== Supported Windows Versions =====
doc/release-notes-mswin/x2goclient-4.0.3.2.txt · Last modified: 2015/05/09 02:25 by mikedep333