- Package name
- Advisory ID
- Affected versions
- MBS1 x86_64
Updated x2goserver package fixes security vulnerability:
A vulnerability in x2goserver before 184.108.40.206 in the setgid wrapper
x2gosqlitewrapper.c, which does not hardcode an internal path to
x2gosqlitewrapper.pl, allowing a remote attacker to change that
path. A remote attacker may be able to execute arbitrary code with
the privileges of the user running the server process (CVE-2013-4376).
A vulnerability in x2goserver before 220.127.116.11 in x2gocleansessions
has also been fixed.
eb26c90fdc53040f10c6ad4d3064c7ee mbs1/x86_64/x2goserver-18.104.22.168-1.mbs1.x86_64.rpm b32edf4af4c0aff51dd1591f3f4c3f02 mbs1/x86_64/x2goserver-postgresql-22.214.171.124-1.mbs1.x86_64.rpm 26a1b81d443ad892848681b11895c28a mbs1/x86_64/x2goserver-sqlite-126.96.36.199-1.mbs1.x86_64.rpm a1d27787d6e4485a506f546c83700129 mbs1/SRPMS/x2goserver-188.8.131.52-1.mbs1.src.rpm