X2Go Bug report logs - #744
user-local keystrokes.cfg does not work

version graph

Package: x2goagent; Maintainer for x2goagent is X2Go Developers <x2go-dev@lists.x2go.org>; Source for x2goagent is src:nx-libs.

Reported by: Horst Schirmeier <horst@schirmeier.com>

Date: Thu, 15 Jan 2015 15:20:01 UTC

Severity: normal

Tags: patch, pending

Found in version 2:3.5.0.29-0x2go1~git20150113.557+wheezy.heuler.1

Fixed in version 2:3.5.0.29

Done: X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Full log


Message #93 received at 744@bugs.x2go.org (full text, mbox, reply):

Received: (at 744) by bugs.x2go.org; 13 Mar 2015 15:03:14 +0000
From x2go@ymir.das-netzwerkteam.de  Fri Mar 13 16:02:39 2015
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NO_RELAYS,
	URIBL_BLOCKED autolearn=ham version=3.3.2
Received: by ymir.das-netzwerkteam.de (Postfix, from userid 1005)
	id B606C5E088; Fri, 13 Mar 2015 16:02:38 +0100 (CET)
From: X2Go Release Manager <git-admin@x2go.org>
To: 744-submitter@bugs.x2go.org
Cc: control@bugs.x2go.org, 744@bugs.x2go.org
Subject: X2Go issue (in src:nx-libs) has been marked as closed
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Message-Id: <20150313150238.B606C5E088@ymir.das-netzwerkteam.de>
Date: Fri, 13 Mar 2015 16:02:38 +0100 (CET)
close #744
thanks

Hello,

we are very hopeful that X2Go issue #744 reported by you
has been resolved in the new release (2:3.5.0.29) of the
X2Go source project »src:nx-libs«.

You can view the complete changelog entry of src:nx-libs (2:3.5.0.29)
below, and you can use the following link to view all the code changes
between this and the last release of src:nx-libs.

    http://code.x2go.org/gitweb?p=nx-libs.git;a=commitdiff;h=b3aadd99d26c25ed5f015b324d1677af122c2246;hp=c69789464eaf6db4775b636eabb7b315c9525924

If you feel that the issue has not been resolved satisfyingly, feel
free to reopen this bug report or submit a follow-up report with
further observations described based on the new released version
of src:nx-libs.

Thanks a lot for contributing to X2Go!!!

light+love
X2Go Git Admin (on behalf of the sender of this mail)

---
X2Go Component: src:nx-libs
Version: 2:3.5.0.29-0x2go2
Status: RELEASE
Date: Fri, 13 Mar 2015 15:50:00 +0100
Fixes: 741 744
Changes: 
 nx-libs (2:3.5.0.29-0x2go2) RELEASED; urgency=medium
 .
     [ Mike Gabriel ]
   * Update 0320_nxagent_configurable-keystrokes.full.patch. Fix patch header
     referring to keystrokes.cfg (plural), not keystroke.cfg.
   * Allow sysadmins to manipulate nxagent's / x2goagent's rgb file by placing
     it into /etc/nxagent or /etc/x2go.
   * Provide support for separate .keyboard files for nxagent/x2goagent.
   * Modify 0101_nxagent_set-rgb-path.full.patch. Allow configurable rgb files.
   * Extend 0999_nxagent_unbrand-nxagent-brand-x2goagent.full.patch. Let rgb
     file shipped with x2goagent supersede rgb file shipped with nxagent.
     FIXME: a better approach would be to decide at runtime if to use
     /etc/x2go/rgb or /etc/nxagent/rgb.
   * Extend 0999_nxagent_unbrand-nxagent-brand-x2goagent.full.patch. Allow
     separate .keyboard files for x2goagent and nxagent.
   * Update 0600_nx-X11+nxcompext+nxcompshad_unique-libnames.full.patch. Don't
     patch files that get removed during code reduction.
   * Add 0991_fix-hr-typos.full+lite.patch and 991_fix-hr-typos.full.patch.
     Fix several typos in upstream code detected by lintian.
   * Makefile.nx-libs: Don't allow symlinks to point into buildroot.
   * Makefile.nx-libs: Install man pages via main Makefile.
   * Add Description: and Author: fields to various patch headers.
   * Makefile.nx-libs: Run make install for nxproxy first, then create the
     wrapper script.
   * Make install-lite rule in Makefile.nx-libs more predictable and not
     rely on nxproxy/Makefile.in.
   * Makefile.nx-libs: Fix uninstall-lite rule. The nxproxy and nxcomp
     uninstallation has to be in uninstall-lite, not in uninstall-full.
   * Update 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
     Fix broken comment paragraph, whitespace fix.
 .
   * NX code reduction efforts (from 93Mb to 41Mb):
     - Drop more unused code in nx-X11/programs/Xserver/hw/. Do this in
       roll-tarball.sh and in debian/rules alike.
     - Stop shipping unused / very old xterm code.
     - Drop nx-X11/programs/Xserver/hw/xfree86 except of four files symlinked
       to other locations in the source tree at build time.
     - More source tree size reduction by analyzing what exactly of the Mesa
       source code in nx-X11/extras/ is used and what not.
     - Drop more unused folders from tarball release / before .deb package build:
       .  nx-X11/programs/Xserver/miext/shadow/
       .  nx-X11/programs/Xserver/XpConfig/
       .  nx-X11/programs/Xserver/Xprint/
     - Makefile.nx-libs: Don't install Mesa header files into DESTDIR anymore.
     - Unify source tree reduction (debian/rules vs. roll-tarball.sh) via file/
       folder lists in text files named debian/CODE-REDUCTION_*.
     - Update 0991_fix-hr-typos.full.patch. Don't patch files that get removed by
       the NX code reduction effort.
     - Drop 0604_nx-X11_recent-freetype-API.full.patch. Not used in current build
       process.
     - Update 0600_nx-X11+nxcompext+nxcompshad_unique-libnames.full.patch. Don't
       patch files matter to the NX code reduction efforts.
     - Update 0031_nx-X11_parallel-make.full.patch. Don't patch .original files
       in NX code tree.
     - Drop patches: 0017_nx-X11_update-autotools-helper-files.full.patch,
       0018_nx-X11_update-libtool-ltmain-script.full.patch,
       0019_nx-X11_expat-build-against-system-libxmltok.full.patch. They patch
       files that are not used at build time.
 .
   * Patch system:
     - Prepend a "0" to every patch file name in debian/patches/. The patch
       order is now given by a 4 digit ID. Adapt only this changelog stanza to
       this modification.
 .
   * Debian/Ubuntu packaging:
     + Fully rework the way nx-libs gets packaged for Debian/Ubuntu.
     + Split up libnx-x11 into individual packages.
     + Provide dbg:packages for each bin:package containing binaries.
     + Use Makefile logic to install files into DESTDIR.
     + Provide dev:packages for each lib:package individually.
     + Provide nx-x11proto-*-dev packages for all libnx-* libraries.
     + Install _all_ library files (*.so*) to /usr/lib/<triplet>/, so
       no extra settings of LD_LIBRARY_PATH is necessary.
     + Add Multi-Arch support for Debian based distro versions that
       support Multi-Arch.
     + Support hardened builds for nxcomp* libraries.
     + Support hardened builds for nxagent and libNX_*.so files.
     + Add debian/*.symbols files for shared nx-X11 libraries.
     + Support .symbols for 64bit and 32bit alike.
     + Provide CDBS-generated debian/copyright.in file.
 .
   * debian/rules:
     + Backup nxcomp/VERSION file from NoMachine before replacing it with
       a symlink to debian/VERSION. Recreate the original file when cleaning
       up.
     + Fix removal of unused code (that part of the code that we know of so
       far). (The debian/rules file is a Makefile and Makefiles don't understand
       shell globbing with curly braces).
     + Correctly link config files (etc/rgb, etc/nxagent.keyboard,
       etc/x2goagent.keyboard) before dh_auto_build.
     + Add to B-D: expat.
     + Install upstream ChangeLogs into bin:packages.
     + Remove upstream nx-libs ChangeLog during override_dh_clean.
     + Use proper quoting on build flag vars (they may contain spaces).
 .
   * nx-libs.spec:
     + The gpg-offline bin:package is not available in our SLE repo. We can do
       without.
     + Update .spec file to meet changes in tarball size reduction and
       restructuring.
     + Use SONAME based library package naming scheme.
     + Mention NX technology in every package description.
     + Install man pages into bin:packages.
     + Make libNX_X11-6 and libXinerama1 compliant to Shared Library Policy.
     + Add Obsoletes: fields to all shared libs for marking the non-versioned
       library package (names) as obsolete.
     + Don't depend on nx-libs base package with fixed version.
     + Don't fail if removing *.a files fails due to the files being non-present.
     + Set PREFIX=%{_prefix} USRLIBDIR=%{_libdir} SHLIBDIR=%{_libdir} at build
       time.
     + Assure that BuildRoot: is set.
     + On SLE 11.x: libX* packages are prefixed with "xorg-x11-".
     + Install "%{_libdir}/nx/bin" into nxproxy package.
 .
   * debian/roll-tarball.sh:
     + Install etc/ files into etc/ subfolder (rgb, nxagent.keyboard,
       x2goagent.keyboard).
 .
   [ Horst Schirmeier ]
   * Update 0320_nxagent_configurable-keystrokes.full.patch. Fix a typo that
     prevented the /etc/nxagent/keystrokes.cfg file from being parsed. (Fixes:
     #741).
   * Add 0321_nxagent_x2go-specific-keystroke-config.full.patch. If nxagent is
     launched as x2goagent, use X2Go-specific paths for the keystrokes.cfg file.
     (Fixes: #744).
 .
   [ Michael DePaulo ]
   * Security Fixes:
     - Rebase loads of X.Org patches (mainly from RHEL-5) against NX. If not
       all patches from a CVE patch series appear here, then it means that
       the affected file/code is not used in NX at build time.
 .
     - X.Org CVE-2011-2895:
         1001-LZW-decompress-fix-for-CVE-2011-2895-From-xorg-lib-X.patch
     - X.Org CVE-2011-4028:
         1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.-ups.patch
     - X.Org CVE-2013-4396:
         1003-Avoid-use-after-free-in-dix-dixfonts.c-doImageText-C.patch
     - X.Org CVE-2013-6462:
         1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch
     - X.Org CVE-2014-0209:
         1005-CVE-2014-0209-integer-overflow-of-realloc-size-in-Fo.patch
         1006-CVE-2014-0209-integer-overflow-of-realloc-size-in-le.patch
     - X.Org CVE-2014-0210:
         1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch
         1009-CVE-2014-0210-unvalidated-lengths-when-reading-repli.patch
         1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch
         1014-CVE-2014-0210-unvalidated-length-fields-in-fs_read_e.patch
         1015-CVE-2014-0210-unvalidated-length-fields-in-fs_read_g.patch
         1016-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
         1017-CVE-2014-0210-unvalidated-length-fields-in-fs_read_l.patch
     - X.Org CVE-2014-0211:
         1010-CVE-2014-0211-Integer-overflow-in-fs_get_reply-_fs_s.patch
         1012-CVE-2014-0211-integer-overflow-in-fs_read_extent_inf.patch
         1013-CVE-2014-0211-integer-overflow-in-fs_alloc_glyphs-fr.patch
         1018-unchecked-malloc-may-allow-unauthed-client-to-crash-.patch
     - X.Org CVE-2014-8092:
         1019-dix-integer-overflow-in-ProcPutImage-CVE-2014-8092-1.patch
         1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch
         1021-dix-integer-overflow-in-RegionSizeof-CVE-2014-8092-3.patch
         1022-dix-integer-overflow-in-REQUEST_FIXED_SIZE-CVE-2014-.patch
     - X.Org CVE-2014-8097:
         1023-dbe-unvalidated-lengths-in-DbeSwapBuffers-calls-CVE-.patch
     - X.Org CVE-2014-8095:
         1024-Xi-unvalidated-lengths-in-Xinput-extension-CVE-2014-.patch
     - X.Org CVE-2014-8096:
         1025-xcmisc-unvalidated-length-in-SProcXCMiscGetXIDList-C.patch
     - X.Org CVE-2014-8099:
         1026-Xv-unvalidated-lengths-in-XVideo-extension-swapped-p.patch
     - X.Org CVE-2014-8100:
         1027-render-check-request-size-before-reading-it-CVE-2014.patch
         1028-render-unvalidated-lengths-in-Render-extn.-swapped-p.patch
     - X.Org CVE-2014-8102:
         1029-xfixes-unvalidated-length-in-SProcXFixesSelectSelect.patch
     - X.Org CVE-2014-8101:
         1030-randr-unvalidated-lengths-in-RandR-extension-swapped.patch
     - X.Org CVE-2014-8093:
         1031-glx-Be-more-paranoid-about-variable-length-requests-.patch
         1032-glx-Be-more-strict-about-rejecting-invalid-image-siz.patch
         1033-glx-Additional-paranoia-in-__glXGetAnswerBuffer-__GL.patch
         1034-glx-Add-safe_-add-mul-pad-v3-CVE-2014-8093-4-6-v4.patch
         1036-glx-Integer-overflow-protection-for-non-generated-re.patch
     - X.Org CVE-2014-8098:
         1035-glx-Length-checking-for-GLXRender-requests-v2-CVE-20.patch
         1037-glx-Top-level-length-checking-for-swapped-VendorPriv.patch
         1038-glx-Length-checking-for-non-generated-single-request.patch
         1039-glx-Length-checking-for-RenderLarge-requests-v2-CVE-.patch
         1040-glx-Pass-remaining-request-length-into-varsize-v2-CV.patch
     - X.org CVE-2015-0255
         1104-xkb-Check-strings-length-against-request-size.patch
 .
     - Security fixes with no assigned CVE:
         1008-Don-t-crash-when-we-receive-an-FS_Error-from-the-fon.patch
 .
     - Rebase the following patches that are prerequisites for the
       CVE-2015-0255 patch:
         1101-Coverity-844-845-846-Fix-memory-leaks.patch
         1102-include-introduce-byte-counting-functions.patch
         1103-xkb-Don-t-swap-XkbSetGeometry-data-in-the-input-buff.patch
 .
     - Fix FTBFS due to the nxproxy executable already existing under
       /usr/lib/nx/bin/nx/
 .
   [ Mihai Moldovan ]
   * Change string "X2go" to "X2Go" where appropriate.
   * CVE security review:
     - Update 1007-CVE-2014-0210-unvalidated-length-in-_fs_recv_conn_se.patch.
       Use xfree() instead of free() in nx-libs.
     - Update 1011-CVE-2014-0210-unvalidated-length-fields-in-fs_read_q.patch.
       Apply correctly on nx-libs 3.6.x.
     - Update 1020-dix-integer-overflow-in-GetHosts-CVE-2014-8092-2-4.patch.
       Human-readable version of "1 MB".
     - Add 1041-nx-X11-lib-font-fc-fserve.c-initialize-remaining-buf.patch.
       Initialize remaining bufleft variables (nx-X11/lib/font/fc/fserve.c).
     - Add 1042-Do-proper-input-validation-to-fix-for-CVE-2011-2895.patch.
       Do proper input validation to fix for CVE-2011-2895.


Send a report that this bug log contains spam.


X2Go Developers <owner@bugs.x2go.org>. Last modified: Wed Dec 4 08:29:28 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.