This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
doc:release-notes-mswin:x2goclient-4.0.3.2 [2015/02/25 12:12] mikedep333 Remove draft warning |
doc:release-notes-mswin:x2goclient-4.0.3.2 [2015/05/09 02:25] (current) mikedep333 4.0.3.2-20150508 |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Windows-Specific Release notes for X2Go Client 4.0.3.2 ====== | ====== Windows-Specific Release notes for X2Go Client 4.0.3.2 ====== | ||
+ | ===== Security Update: 4.0.3.2-20150508 ===== | ||
+ | |||
+ | On 2015-05-08, 4.0.3.2-20150508 was released with the following changes: | ||
+ | < | ||
+ | - Windows: Update bundled VcXsrv from 1.15.2.5 (X2Go/ | ||
+ | Build) to 1.15.2.6 (X2Go/ | ||
+ | The differences relevant to X2Go are: | ||
+ | + CVE-2015-3418 was fixed in VcXsrv itself | ||
+ | + Font files no longer differ in each build due to timestamp | ||
+ | differences | ||
+ | - Windows: Update libssh from 0.6.4 to 0.6.5 (while maintaining | ||
+ | Pageant support). This fixes CVE-2015-3146. | ||
+ | </ | ||
+ | As with most vulnerabilities in 3rd party software, the X2Go project has not done an analysis of whether X2Go Client was actually affected by these vulnerabilities. However, as a precaution, we strongly encourage all users to update. | ||
+ | ===== Security Update: 4.0.3.2-20150329 ===== | ||
+ | |||
+ | On 2015-03-29, 4.0.3.2-20150329 was released with the following changes: | ||
+ | < | ||
+ | - Windows: Update bundled VcXsrv from 1.15.2.4-xp+vc2013+x2go1 to | ||
+ | 1.15.2.5 (X2Go/ | ||
+ | The differences relevant to X2Go are: | ||
+ | + VcXsrv' | ||
+ | to 1.0.1m (fixes the multiple CVEs announced on 2015-03-19) | ||
+ | + VcXsrv' | ||
+ | to 1.4.9 (Fixes CVE-2015-1802 through CVE-2015-1804) | ||
+ | - Windows: Update bundled Win32 OpenSSL from 1.0.1L to 1.0.1m, | ||
+ | which fixes the multiple CVEs announced on 2015-03-19. | ||
+ | - Windows: Update bundled PuTTY from 0.63 to 0.64. | ||
+ | In addition to other changes, CVE-2015-2157 has been fixed. | ||
+ | - Windows: Update bundled Cygwin openssl from 1.0.1k-1 to 1.0.2a-1. | ||
+ | This update fixes the multiple CVEs announced on 2015-03-19 | ||
+ | </ | ||
+ | As with most vulnerabilities in 3rd party software, the X2Go project has not done an analysis of whether X2Go Client was actually affected by these vulnerabilities. However, as a precaution, we strongly encourage all users to update. | ||
+ | ===== Security Update: 4.0.3.2-20150301 ===== | ||
+ | |||
+ | On 2015-03-01, 4.0.3.2-20150301 was released with the following changes: | ||
+ | |||
+ | - Windows: Update bundled VcXsrv from 1.15.2.3-xp+vc2013+x2go1 to 1.15.2.4-xp+vc2013+x2go1. The difference is that VcXsrv' | ||
+ | |||
+ | As with most vulnerabilities in 3rd party software, the X2Go project has not done an analysis of whether X2Go Client was actually affected by these vulnerabilities. However, as a precaution, we strongly encourage all users to update. | ||
+ | ===== Security Update: 4.0.3.2-20150224 ===== | ||
+ | |||
+ | On 2015-02-25, 4.0.3.2-20150224 was released with the following changes: | ||
+ | |||
+ | - Windows: Bundle new version of VcXsrv: 1.15.2.3-xp+vc2013+x2go1. The difference from 1.15.2.2-xp+vc2013+x2go1 is that CVE-2015-0255 has been fixed. | ||
+ | - Windows: Update bundled nxproxy (nx-libs-lite) from 3.5.0.27 to 3.5.0.28. | ||
+ | - Windows: Update bundled Cygwin libjpeg-turbo from 1.3.1-1 to 1.3.1-3. The difference is that CVE-2014-9092 has been fixed. | ||
+ | - Windows: Update bundled Cygwin libpng from 1.5.18-1 to 1.5.21-2. In addition to other changes, CVE-2013-6954 has been fixed. | ||
+ | - Windows: Copy the exact version of each cygwin DLL from the cygwin binary tarballs rather than copying the " | ||
+ | |||
+ | As with most vulnerabilities in 3rd party software, the X2Go project has not done an analysis of whether X2Go Client was actually affected by these vulnerabilities. However, as a precaution, we strongly encourage all users to update. | ||
===== Major Windows-specific changes since 4.0.3.1-20150119 ===== | ===== Major Windows-specific changes since 4.0.3.1-20150119 ===== | ||
Line 7: | Line 58: | ||
===== Available Builds ===== | ===== Available Builds ===== | ||
- | All builds with version " | + | All builds with version " |
==== Current Builds ==== | ==== Current Builds ==== | ||
- | The regular build, x2goclient-4.0.3.2-20150219-setup.exe, is available under this folder: | + | The regular build, x2goclient-4.0.3.2-20150508-setup.exe, is available under this folder: |
- | * http:// | + | * http:// |
- | A debug build, x2goclient-4.0.3.2-20150219-debug-setup.exe, | + | A debug build, x2goclient-4.0.3.2-20150508-debug-setup.exe, |
- | * http:// | + | * http:// |
+ | ==== Previous Builds ==== | ||
+ | |||
+ | The regular builds, x2goclient-4.0.3.2-20150219-setup.exe through x2goclient-4.0.3.2-20150329-setup.exe, | ||
+ | * http:// | ||
+ | * http:// | ||
+ | * http:// | ||
+ | * http:// | ||
+ | |||
+ | The debug builds, x2goclient-4.0.3.2-20150219-debug-setup.exe through x2goclient-4.0.3.2-20150329-setup.exe, | ||
+ | * http:// | ||
+ | * http:// | ||
+ | * http:// | ||
+ | * http:// | ||
===== Supported Windows Versions ===== | ===== Supported Windows Versions ===== | ||
X2Go Client is currently only released as a 32-bit x86 build. Both 32-bit x86 and 64-bit x86 versions of Windows are supported via this build. | X2Go Client is currently only released as a 32-bit x86 build. Both 32-bit x86 and 64-bit x86 versions of Windows are supported via this build. | ||
Line 27: | Line 91: | ||
* Windows 8 | * Windows 8 | ||
* Windows 8.1 (with or without " | * Windows 8.1 (with or without " | ||
- | * Windows 10 Technical Preview (Build 9926) | + | * Windows 10 Technical Preview (Build 9926 through 10074) |
These versions of Windows without the latest (specified) service pack may be compatible, but are rarely (if ever) tested. They are not officially supported. | These versions of Windows without the latest (specified) service pack may be compatible, but are rarely (if ever) tested. They are not officially supported. | ||
Line 38: | Line 102: | ||
* Windows Server 2012 | * Windows Server 2012 | ||
* Windows Server 2012 R2 (with or without " | * Windows Server 2012 R2 (with or without " | ||
- | * Windows Server Technical Preview (Build 9926) | + | * Windows Server Technical Preview (Build 9926 through 10074) |
Any incompatibility or bug with a specific version of Windows should be reported via our bug-tracker. | Any incompatibility or bug with a specific version of Windows should be reported via our bug-tracker. |