Workflow

Xpra

Latest version: v6.2.5

Safety actively analyzes 723650 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 5 of 28

4.1.1

Not secure
- minor packaging fixes

4.1

Not secure
- open print dialog
- added documentation (installation, connection options, authentication, etc)
- build option for platforms without any minifiers
- add on screen keyboard
- better connection diagnostic messages
- download connection files and generate connection URIs
- support for rgb24 pixel encoding

Changed

- now packaged separately from the main xpra packages

---

For earlier versions, before `xpra-html5` was split into a separate project, please refer to the [xpra changelog](https://github.com/Xpra-org/xpra/blob/master/docs/CHANGELOG.md).

4.0

Not secure
* Drop support for:
* Python 2, GTK2
* legacy versions (pre 1.0)
* weak authentication
* Network, per socket options:
* authentication and encryption
* ssl
* ssh
* bind options for client
* make it easier to send files from the server
* xpra toolbox subcommand
* xpra help subcommand
* xpra top new features
* faster startup
* signal handling fixes
* smoother window resizing
* refactoring and testing
* unit tests coverage and fixes
* completely skip loading unused features at runtime
* get rid of capabilities data after parsing it
* better module dependency separation
* don't convert to a string before we need it
* more useful window and tray title
* make it easier to source environment
* disable desktop animations in desktop mode
* automatic start-or-upgrade, automatic X11 display rescue
* support MS Windows OpenSSH server to start shadow
* more selective use of OpenGL acceleration in client
* expose server OpenGL capabilities
* cleaner HTML5 syntax

3.0

Not secure
* Python 3 port complete, now the default: [1571](https://github.com/Xpra-org/xpra/issues/1571), [#2195](https://github.com/Xpra-org/xpra/issues/2195)
* much nicer HTML5 client user interface: [2269](https://github.com/Xpra-org/xpra/issues/2269)
* Window handling:
* smoother window resizing: [478](https://github.com/Xpra-org/xpra/issues/478) (OpenGL)
* honouring gravity: [2217](https://github.com/Xpra-org/xpra/issues/2217)
* lock them in readonly mode: [2137](https://github.com/Xpra-org/xpra/issues/2137)
* xpra top subcommand: [2348](https://github.com/Xpra-org/xpra/issues/2348)
* faster startup:
* [2347](https://github.com/Xpra-org/xpra/issues/2347) faster client startup
* [2341](https://github.com/Xpra-org/xpra/issues/2341) faster server startup
* OpenGL:
* more reliable driver probing: [2204](https://github.com/Xpra-org/xpra/issues/2204)
* cursor paint support: [1497](https://github.com/Xpra-org/xpra/issues/1497)
* transparency on MacOS: [1794](https://github.com/Xpra-org/xpra/issues/1794)
* Encoding:
* lossless window scrolling: [1320](https://github.com/Xpra-org/xpra/issues/1320)
* scrolling acceleration for non-OpenGL backends: [2295](https://github.com/Xpra-org/xpra/issues/2295)
* harden image parsing: [2279](https://github.com/Xpra-org/xpra/issues/2279)
* workaround slow video encoder initialization (ie: NVENC) using replacement frames: [2048](https://github.com/Xpra-org/xpra/issues/2048)
* avoid loading codecs we don't need: [2344](https://github.com/Xpra-org/xpra/issues/2344)
* skip some CUDA devices, speedup enumeration: [2415](https://github.com/Xpra-org/xpra/issues/2415)
* Clipboard:
* new native clipboard implementations for all platforms: [812](https://github.com/Xpra-org/xpra/issues/812)
* HTML5 asynchronous clipboard: [1844](https://github.com/Xpra-org/xpra/issues/1844)
* HTML5 support for copying images: [2312](https://github.com/Xpra-org/xpra/issues/2312) (with watermarking)
* brotli compression for text data: [2289](https://github.com/Xpra-org/xpra/issues/2289)
* Authentication:
* modular client authentication handlers: [1796](https://github.com/Xpra-org/xpra/issues/1796)
* mysql authentication module: [2287](https://github.com/Xpra-org/xpra/issues/2287)
* generic SQL authentication module: [2288](https://github.com/Xpra-org/xpra/issues/2288)
* Network:
* client listen mode: [1022](https://github.com/Xpra-org/xpra/issues/1022)
* retry to connect until it succeeds or times out: [2346](https://github.com/Xpra-org/xpra/issues/2346)
* mdns TXT attributes updated at runtime: [2187](https://github.com/Xpra-org/xpra/issues/2187)
* zeroconf fixes: [2317](https://github.com/Xpra-org/xpra/issues/2317)
* drop pybonjour: [2297](https://github.com/Xpra-org/xpra/issues/2297)
* paramiko honours IdentityFile: [2282](https://github.com/Xpra-org/xpra/issues/2282), handles SIGINT better: [#2378](https://github.com/Xpra-org/xpra/issues/2378)
* proxy server fixes for ssl and ssh sockets: [2399](https://github.com/Xpra-org/xpra/issues/2399), remove spurious options: [#2193](https://github.com/Xpra-org/xpra/issues/2193)
* proxy ping and timeouts: [2408](https://github.com/Xpra-org/xpra/issues/2408)
* proxy dynamic authentication: [2261](https://github.com/Xpra-org/xpra/issues/2261)
* Automated Testing:
* test HTML5 client: [2231](https://github.com/Xpra-org/xpra/issues/2231)
* many new mixin tests: [1773](https://github.com/Xpra-org/xpra/issues/1773) (and bugs found)
* start-new-commands is now enabled by default: [2278](https://github.com/Xpra-org/xpra/issues/2278), and the UI allows free text: [#2221](https://github.com/Xpra-org/xpra/issues/2221)
* basic support for native GTK wayland client: [2243](https://github.com/Xpra-org/xpra/issues/2243)
* forward custom X11 properties: [2311](https://github.com/Xpra-org/xpra/issues/2311)
* xpra launcher visual feedback during connection: [1421](https://github.com/Xpra-org/xpra/issues/1421), sharing option: [#2115](https://github.com/Xpra-org/xpra/issues/2115)
* "Window" menu on MacOS: [1808](https://github.com/Xpra-org/xpra/issues/1808)

2.5

Not secure
* Python 3 port mostly complete, including packaging for Debian
* pixel compression and bandwidth management:
* better recovery from network congestion
* distinguish refresh from normal updates
* better tuning for mmap connections
* heuristics improvements
* use video encoders more aggressively
* prevent too many delayed frames with x264
* better video region detection with opengl content
* better automatic tuning for client applications
* based on application categories
* application supplied hints
* application window encoding hints
* using environment variables and disabling video
* HTML5 client improvements
* Client improvements:
* make it easier to start new commands, provide start menu
* probe OpenGL in a subprocess to detect and workaround driver crashes
* use appindicator if available
* Packaging:
* merge xpra and its dependencies into the ​MSYS2 repository
* ship fewer files in MS Windows installers
* partial support for parallel installation of 32-bit and 64-bit version on MS Windows
* MacOS library updates
* CentOS 7: libyu [] and turbojpeg
* Windows Services for Linux (WSL) support
* Fedora 30 and Ubuntu Disco support
* Ubuntu HWE compatibility (manual steps required due to upstream bug)
* Server improvements:
* start command on last client exit
* honour minimum window size
* Python 3
* upgrade-desktop subcommand
* Network layer:
* less copying
* use our own websocket layer
* make it easier to install mdns on MS Windows
* make mmap group configurable
* TCP CORK support on Linux
* SSH transport:
* support .ssh/config with paramiko backend
* connecting via ssh proxy hosts
* SSHFP with paramiko:
* clipboard: restrict clipboard data transfers size
* audio: support wasapi on MS Windows
* code cleanups, etc

2.4

Not secure
* SSH client integration (paramiko)
* builtin server support for TCP socket upgrades to SSH (paramiko)
* automatic TCP port allocation
* expose desktop-sessions as VNC via mdns
* add zeroconf backend
* register more URL schemes
* window content type heuristics configuration
* use content type it to better tune automatic encoding selection
* automatic video scaling
* bandwidth-limit management in video encoders
* HTML5 client mpeg1 and h264 decoding
* HTML5 client support for forwarding of URL open requests
* HTML5 client Internet Explorer 11 compatibility
* HTML5 client toolbar improvements
* HTML5 fullscreen mode support
* limit video dimensions to cap CPU and bandwidth usage
* keyboard layout handling fixes
* better memory management and resource usage
* new default GUI welcome screen
* desktop file for starting shadow servers more easily
* clipboard synchronization with multiple clients
* use notifications bubbles for more important events
* workarounds for running under Wayland with GTK3
* modal windows enabled by default
* support xdg base directory specification and socket file time
* improved python3 support (still client only)
* multi-window shadow servers on MacOS and MS Windows
* buildbot upgrade
* more reliable unit tests
* fixes and workarounds for Java client applications
* locally authenticated users can shut down proxy servers
* restrict potential privileged information leakage
* enhanced per-client window filtering
* remove extra pixel copy in opengl enabled client
* clip pointer events to the actual window content size
* new platforms: Ubuntu Cosmic, Fedora 29

Page 5 of 28

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.