Fedora 27: x2goserver Security Update
Summary
X2Go is a server based computing environment with
- session resuming
- low bandwidth support
- session brokerage support
- client side mass storage mounting support
- audio support
- authentication by smartcard and USB stick
This package contains the main daemon and tools for X2Go server-side session
administrations.
nx-libs 3.5.0.33: - Don't allow overriding of X.Org Server UNIX sockets via
TEMP/NX_TEMP environment variables. Fixes problems on machines that use
pam_tempdir.so. - Fix CVE-2017-2624 (timingsafe_memcmp) by Ulrich Sibiller. -Potentially improve LAN- and WAN-type connection speed settings scenarios.
Includes a regression fix for VPN connections by Simon Matter. - Fix problems in
mate-color-picker and potentially also other applications that make heavy use of
RENDER trapezoids. x2goserver 4.0.1.22: - Fixed overzealous nxagent socket
removal. - Keyboard mapping fixes, including preparation for usage with
Arctica's nx-libs version (not supported in this version of X2Go Server, yet). -Support for Devuan and RT OS full desktop session spawning. - Always use short
host name, don't rely on ${HOSTNAME} variable. Compatibility with non-bash
login shells. - Spawn full desktop sessions with a new dbus user session
instance. - Finnish translation update. - Added support for LXQt full desktop
sessions. - New command: x2golistshadowsessions.
[ 1 ] Bug #1478974 - x2go killed by systemd
https://bugzilla.redhat.com/show_bug.cgi?id=1478974
[ 2 ] Bug #1510900 - nx-libs-3.5.0.33 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1510900
su -c 'dnf upgrade x2goserver' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-60c4aa0e01 2018-03-06 17:17:51.853212 Product : Fedora 27 Version : 4.0.1.22 Release : 2.fc27 URL : https://wiki.x2go.org/doku.php Summary : X2Go Server Description : X2Go is a server based computing environment with - session resuming - low bandwidth support - session brokerage support - client side mass storage mounting support - audio support - authentication by smartcard and USB stick This package contains the main daemon and tools for X2Go server-side session administrations. nx-libs 3.5.0.33: - Don't allow overriding of X.Org Server UNIX sockets via TEMP/NX_TEMP environment variables. Fixes problems on machines that use pam_tempdir.so. - Fix CVE-2017-2624 (timingsafe_memcmp) by Ulrich Sibiller. -Potentially improve LAN- and WAN-type connection speed settings scenarios. Includes a regression fix for VPN connections by Simon Matter. - Fix problems in mate-color-picker and potentially also other applications that make heavy use of RENDER trapezoids. x2goserver 4.0.1.22: - Fixed overzealous nxagent socket removal. - Keyboard mapping fixes, including preparation for usage with Arctica's nx-libs version (not supported in this version of X2Go Server, yet). -Support for Devuan and RT OS full desktop session spawning. - Always use short host name, don't rely on ${HOSTNAME} variable. Compatibility with non-bash login shells. - Spawn full desktop sessions with a new dbus user session instance. - Finnish translation update. - Added support for LXQt full desktop sessions. - New command: x2golistshadowsessions. [ 1 ] Bug #1478974 - x2go killed by systemd https://bugzilla.redhat.com/show_bug.cgi?id=1478974 [ 2 ] Bug #1510900 - nx-libs-3.5.0.33 is available https://bugzilla.redhat.com/show_bug.cgi?id=1510900 su -c 'dnf upgrade x2goserver' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References