Mike DePaulo | 8 Jun 03:44 2014
Picon

X2Go Client for Windows (4.0.2.0+build3) released


Dear all,

this is to announce a new Windows-specific security update release of
the X2Go component ,,x2goclient''.
The change in this release of ,,x2goclient'' is:

  o Win32 OpenSSL was updated from 1.0.1g to 1.0.1h. This fixes the 6
security vulnerabilities in the OpenSSL Security Advisory [05 Jun
2014]: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198,
CVE-2010-5298 & CVE-2014-3470

An announcement will be sent out shortly about 4.0.2.0+build4, which
also fixes these 6 vulnerability in Cygwin OpenSSL. 4.0.2.0+build4 is
already available to download.

All Windows users of 4.0.2.0+build2 and earlier are strongly
encouraged to update to 4.0.2.0+build4 (instead of 4.0.2.0+build3.)
This includes users of the "misc" fonts and "full" fonts builds.

For more info on this release, see this page:
http://wiki.x2go.org/doku.php/doc:release-notes-mswin:x2goclient-4.0.2.0

Regards,
Mike DePaulo

Gmane