User Tools

Site Tools


doc:release-notes-mswin:x2goclient-4.0.3.2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Last revision Both sides next revision
doc:release-notes-mswin:x2goclient-4.0.3.2 [2015/03/29 21:32]
mikedep333 4.0.3.2-20150329
doc:release-notes-mswin:x2goclient-4.0.3.2 [2015/03/29 23:07]
mikedep333 [Security Update: 4.0.3.2-20150329] Whoops, the prior version of VcXsrv was 1.15.2.4
Line 1: Line 1:
 ====== Windows-Specific Release notes for X2Go Client 4.0.3.2 ====== ====== Windows-Specific Release notes for X2Go Client 4.0.3.2 ======
  
-===== Security Update: 4.0.3.2-20150301 ​=====+===== Security Update: 4.0.3.2-20150329 ​=====
  
 On 2015-03-29, 4.0.3.2-20150329 was released with the following changes: On 2015-03-29, 4.0.3.2-20150329 was released with the following changes:
 <​code>​ <​code>​
-    - Windows: Update bundled VcXsrv from 1.15.2.2-xp+vc2013+x2go1 to+    - Windows: Update bundled VcXsrv from 1.15.2.4-xp+vc2013+x2go1 to
       1.15.2.5 (X2Go/​Arctica Build)       1.15.2.5 (X2Go/​Arctica Build)
       The differences relevant to X2Go are:       The differences relevant to X2Go are:
-        + CVE-2015-0255 was fixed in VcXsrv itself 
         + VcXsrv'​s bundled version of openssl was updated from 1.0.1k         + VcXsrv'​s bundled version of openssl was updated from 1.0.1k
           to 1.0.1m (fixes the multiple CVEs announced on 2015-03-19)           to 1.0.1m (fixes the multiple CVEs announced on 2015-03-19)
         + VcXsrv'​s bundled version of libXfont was updated from 1.4.8         + VcXsrv'​s bundled version of libXfont was updated from 1.4.8
           to 1.4.9 (Fixes CVE-2015-1802 through CVE-2015-1804)           to 1.4.9 (Fixes CVE-2015-1802 through CVE-2015-1804)
-        + VcXsrv'​s bundled version of freetype was updated from 2.5.3 
-          to 2.5.5 (fixes CVE-2014-9656 through CVE-2014-9675) 
     - Windows: Update bundled Win32 OpenSSL from 1.0.1L to 1.0.1m,     - Windows: Update bundled Win32 OpenSSL from 1.0.1L to 1.0.1m,
       which fixes the multiple CVEs announced on 2015-03-19.       which fixes the multiple CVEs announced on 2015-03-19.
doc/release-notes-mswin/x2goclient-4.0.3.2.txt ยท Last modified: 2015/05/09 02:25 by mikedep333