security update in Fedora 25 for nx-libs and x2goserver

Status: unpushed


  • Don't allow overriding of X.Org Server UNIX sockets via TEMP/NX_TEMP environment variables. Fixes problems on machines that use pam_tempdir.so.
  • Fix CVE-2017-2624 (timingsafe_memcmp) by Ulrich Sibiller.
  • Potentially improve LAN- and WAN-type connection speed settings scenarios. Includes a regression fix for VPN connections by Simon Matter.
  • Fix problems in mate-color-picker and potentially also other applications that make heavy use of RENDER trapezoids.


  • Fixed overzealous nxagent socket removal.
  • Keyboard mapping fixes, including preparation for usage with Arctica's nx-libs version (not supported in this version of X2Go Server, yet).
  • Support for Devuan and RT OS full desktop session spawning.
  • Always use short host name, don't rely on ${HOSTNAME} variable. Compatibility with non-bash login shells.
  • Spawn full desktop sessions with a new dbus user session instance.
  • Finnish translation update.
  • Added support for LXQt full desktop sessions.
  • New command: x2golistshadowsessions.

Comments 1

This update has been submitted for testing by orion.

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines
#1478974 x2go killed by systemd
#1510900 nx-libs- is available
Is the update generally functional?
Content Type
Test Gating Status
Tests not running
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
submitted 8 months ago

Related Bugs 2

00 #1478974 x2go killed by systemd
00 #1510900 nx-libs- is available

Automated Test Results

Test results and gating status may sometimes conflict as the gating status is retrieved periodically by Bodhi's backend server, while the test results presented here are retrieved upon page load. If your update is marked as gated while all the tests show green/passed, the next check of gating status should open the gate.