Workflow

Xpra

Latest version: v6.0.1

Safety actively analyzes 640549 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 10 of 10

3.1.3

* major fixes:
* GDK crash when updating parked windows geometry 4573f72a2906b414e30e552854b9890eeecf3d16
* always free X11 images safely d7a4ae692248be67c68159272835fe9cc1521398
* MS Windows clients mishandling some window hints (ie: Firefox) 3354a3affe9a4e85e8a32a8c0c1bb03468dcf767
* connection errors when non-user-interactive clients are connected acc73ddffbc9bec34a371a065368c61fba4f31de
* filenames with special characters when opened remotely 62f1d3527dc6a092f2a07e9b8d90f1e308f9db52
* missing notifications due to icon parsing errors 9ea7cb9a1b8c271b37c546ecd366cb14a42d7ea7
* handling of packet parsing errors cd5ee74eb40da83345abeaf263164cf9ffdcc328
* bencoder error when cuda info is missing 314df99ace6cfb72f721c78589bbc141830c525c
* missing auto-refresh 9e77ef6a60ffa9d98e78da3a168cc55225054284
* 'Content-Security-Policy' fixes and workarounds for Safari, xpra-html5 v6 a064cd037f839cd514e05fd6e7ecbf2084ca3f61
* keyboard mapping not honouring the more specific keymap definition cd392e9b53e61f1c801c30fb7917ac7cd8c51c2a
* honour system prefix when loading xkb keymaps 11dc9e25820bd7453b78cd90e4518378537161ad
* launcher gui initialization error on Wayland 75cd3118e9d2277d5f17cf2db747c0d7a829a8fe
* audio and webcam not starting with some packet encoders b7d3f1e939cb38505226dc068f9d03ec8fd325c7
* build and packaging:
* build using CUDA 11.7 by default 371c43e9824bd6601ba5548d9aff1afc01da1ed2, compile as C++11 ae934df2bea8fbc4d69c043f8145ff837ca7aff2
* clean target left some generated files behind 369dff8ee0ea1e3c22609baa9194d22c77caad03
* dependency updates 69b669682b9e61adfcb7d930a778922316337c7f
* MacOS new package signing key 5fda52708a0c68f040cba09323383e19cffc13c3
* ffmpeg 5.0 compatibility 5864561a5a44d2ba3d3126b4119adcee12614cb1
* library updates: Cython 64b70746efb6ef5f1bb3bc0ac4170e7029ed95b8, pynvml a3f98f175a99997188d8586d78c0bda9d372f63e, etc
* workarounds for latest Cython with GCC 4 d1b1b6e07c1a806f4cefeaccdf8280d8f7c094fe, 137dd5713479bc51480903f8b298cf7ad1e7faf2
* support almalinux fc9582d9cadc888c1bc758f7353d991d1c3ad1c7, rocklylinux and oraclelinux 8 build targets 328cd2750a7ea454720276a79208523976829379
* aarch64 builds cfc409af2b44f33af2492d2f16696f7d8d1fb397
* content type updates: `unityhub` is a browser bf810d699b3afd383c3eb02d97179f22f2b3c8f8, `ffplay` is video 2c6bf180890ec96d38a09dbeacdb5f52261f2e33
* minor bugs and tweaks:
* clipboard errors with MS Windows clients and UTF8 data c6628c50c2a403e9f443ccdc9f2b1484d83ec312
* server errors on encoding change (ie: client tray menu) 300c42e6191c7ce0f0cc342aa1d773661d6c4d45
* store and send client properties as strings f8651992dd9e609aeda136967408ca8c148ac62a
* configurable ping timeout delay d15a481ce4db98a72a21331d0e64ef0664a0ca47
* make it possible to run the client without some cython extensions 39a584e51baed0328088a7298a6ecb11e592f5af
* 'xpra showsetting' subcommand errors 14acfa5fc3917bcf6f11391b4fc7c189218827b1
* always expose the server socket location b681b4361d5fc9abad2bd73172c65ad828cd49e3
* make socket querying code more resilient 64c5164091529ef19e9e68df7ed24bcde567e288
* potential race conditions with xpra info requests 95c594470a00d32461963d016444de5ecdefd6fd
* cosmetic:
* more understandable error message when ssh fails to connect 893fffdb78c38717fce7ef7ba9a02cbe1bf1485a
* during shutdown, ignore errors trying to set nodelay / cork 7d6dc1424e6a16b586ffcecb63c4adad0de7bb54
* clipboard error messages when there is no client handling it 6b3b00301f953a8f2a879c0ceec401cbaa58c666
* avoid warnings triggered by Pillow v9 019288e16c75a1d7e423af7b7dd43784e0bd8627
* show disabled menu entries in MacOS menus with GTK3 builds 031e9cc3c88f90d112c0383bfa6bde314293e4b5
* codec loader output was ignoring standard log output format 75db8f95047a370e1a8825c4b0bf7f62b5fe1546
* silence spurious authentication modules warnings ff5c4e4d3bf3db5becfa29fddaa3502d48f542e3
* always log the full backtrace for client connection errors dcd950cef9dbfd741c7ad4e2a617179c491a3626
* use the correct license short names bbf9b26b3677f84ae3519068ad55be43a57e02d4
* nvml version query error f5b63ea4d973d3a60264134c79d2a10d279b3169
* misc logging tweaks and fixes
* encodings:
* disable vaapi with the ffmpeg encoder (crashy) f708203507676b1d774214a86d3cc40528ad4ac7
* handle grayscale png images with transparency 944da351a9a8350f7617903aaa675172700afcf0
* workaround for missing video mode client metadata beb34ea1594d158a8e2263cea41177695ee1a856
* don't send empty alpha channel d894b2a5545173e551e52ce1bf662bf99fbfa725
* never delay screen updates unless we have a video region 97dfa6a6729d07aa0ee49da61753f6da33d25ef7
* jpeg decoder generated invalid picture metadata 4dcc573350aceb132fccef194f2a401ab13e1d9f

3.1.2

* encoding errors with vpx
* fix pkg-info build command
* packaging workarounds for Ubuntu Impish
* fixup missing import in backport causing unix domain socket errors 3316
* minor RPM build fixes

3.1.1

* critical bugs:
- crashes during printer enumeration on MS Windows
- crashes when starting audio forwarding via the command line
- disable crashy ffmpeg codecs with 32-bit builds
- rencode DoS (MacOS and MS Windows binary builds)
- missing key events
* server stalls:
- don't load menu data from the main thread
- don't query the list of printers from the main thread
* build, packaging and platform fixes:
- Python 3.10 support
- default to using CUDA 11.4
- don't try to build NVENC against newer glibc headers (CUDA bug)
- support NVidia Ampere cards natively
- compatibility with experimental version of ffmpeg (GBRP9LE)
- more reliable git branch detection
- Linux distribution detection bug with Python 3 versions
- remove unnecessary runtime dependency on distutils
- clipboard support with python2 servers started from a Wayland environment
- corrupted cursors on MS Windows
- make it possible to bundle webcam support on MS Windows (still disabled by default)
- updated GStreamer dependencies
- the Debian package name we have to recommend is 'dnspython'
- generic / common RPM packages should not depend on Python 3
- use the correct /etc/default path for service configuration
- MacOS updates for GTK3 3.24.30: patches, dependencies
- MacOS packaging of the latest Python pillow with webp support
- add missing C++ files to source snapshots
- fixup some compatibility issues in previous backports
- clean generated Cython files (some pyd filenames have changed)
- use the versioned python interpreter for sourcing files (fix error on CentOS 8)
- locate libfakeXinerama more reliably (at build time)
- missing vpx support on CentOS 7.x
- libwebp 1.2.1
- pynvml 11.470.66
- patched rencode - override the buggy version from EPEL
- arm64 build and packaging tweaks
* network:
- handle mmap client setup errors correctly
- mmap unix group lookup API
- support improved packet encoders
- use the correct exit code for encryption problems
- http script errors
- session 'name' server control command error
- use cryptographically secure random values with AES
- prevent DoS using unreasonably large number of key stretching iterations
- menu errors when there are active VNC connections
- stricter validation of raw packet indexes
- better compatibility with packet encoders (start menu, clipboard)
- reply with 404 if we don't find any data to send
- correctly parse ssh remote command output
- MacOS and MS Windows shadow servers missing the default TCP socket (port 14500)
* authentication:
- stricter validation of challenge digest
- honour the `socket-dirs` option in authentication modules
- fallback to the current user if the one specified is invalid
* encodings:
- correctly paint OpenGL scaled jpeg YUV screen updates
- error in 'void' paint handler (normally unused)
- sha1 data integrity checksum values
- re-enable non-fatal ffmpeg logging outside suppressed code blocks
- vpx encoder uninitialized variable undefined behaviour
- restrict the number of NVENC errors tagged as transient
- don't use AV sync for 'text', 'desktop' and 'picture' content types
* window geometry:
- errors with StackMode requests
- size hints not being honoured in some rare cases
* misc fixes:
- notifications should not override the exit code
- stop processing info requests when the server is exiting
- increase the maximum size of Xdummy resolutions (uses more memory)
- retry if we fail to load the list of windows the first time (seamless servers)
- missing notifications when failing to load the icon
- fix default values shown with 'xpra --help'
- try harder to exit the server cleanly (kill xvfb and dbus later)
- honour the force-replace-wm flag when upgrading
- some modifiers may not have matching key names (ie: VNC clients)
- don't expose xdg desktop entries that don't have a command to run
- smooth scrolling with GTK3 clients
- documentation, debugging, logging tweaks and fixes
- u2f tool error
- prefer https for links to the xpra.org website
- fix saving icons with gi bindings (Python 3)
- make it easier to run in a prefixed installation
- cursor regression with Python 2 builds
* proxy fixes:
- preserve audio packets chunking (avoids an HTML5 client bug)
- avoid potential race conditions with video encoder re-framing
- try harder to find a usable session directory to use
* audio fixes:
- ensure we always stop the 'new-stream' notification process
- remove aac codec flag causing compatibility errors
- fix sink test tool command line usage
* 'top' client:
- server errors when 'top' clients are connected
- handle unicode window names correctly
- threading fixes (screen corruption)
- latency shown as always zero
* html5:
- less strict content security policy
- ensure the 'set-initial-position' attribute is initialized
- avoid sending window attributes set to 'None'
- fix lz4 with AES incompatibility
- log the reason when closing
- don't start a new session again when re-connecting
- don't try to re-connect when the server is shutting down
- re-connected session would lose its connection quickly
- keyboard layout mapping from browser language
- window snapping to the edge, wrong offset
- avoid triggering server side errors on OR windows

3.1

Not secure
Apart from the many important fixes that had accumulated, this release also includes:
* critical fixes for crashes and memory corruption bugs
* better compatibility with newer operating systems and Python versions
* many fixes to the proxy server
* screen update fixes and improvements
* latest `xpra top` client
* the `nvjpeg` encoder
* updated application metadata hints
* keyboard and network fixes

And much more.

The detailed release notes can be found here:
https://github.com/Xpra-org/xpra/blob/v3.1.x/src/NEWS

Downloads:
https://github.com/Xpra-org/xpra/wiki/Download

Page 10 of 10

Links

Releases

Has known vulnerabilities

Previous

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.