Publishing details

• Published on 2020-02-08

Changelog

x2goclient (4.0.5.2-2+deb9u1) stretch; urgency=medium

  * debian/patches:
    + Add libssh-regression-fix-CVE-2019-14889.patch. In src/sshprocess.cpp:
      strip ~/, ~user{,/}, ${HOME}{,/} and $HOME{,/} from destination paths
      in scp mode. Fixes: #1428. This was already necessary for pascp (PuTTY-
      based Windows solution for Kerberos support), but newer libssh versions
      with the CVE-2019-14889 also interpret paths as literal strings.
      (Closes: #947129).

 -- Mike Gabriel <email address hidden>  Sun, 22 Dec 2019 14:53:58 +0100

Builds

Package files

• x2goclient_4.0.5.2-2+deb9u1.debian.tar.xz (18.9 KiB)
• x2goclient_4.0.5.2-2+deb9u1.dsc (2.4 KiB)
• x2goclient_4.0.5.2.orig.tar.gz (1.6 MiB)