I think, this issue needs to be re-assigned and someone needs to provide updates for x2goclient in all supported Ubuntu releases that have received the fix for CVE-2019-14889.
This patch needs to be applied on top of X2Go Client: https://code.x2go.org/gitweb?p=x2goclient.git;a=patch;h=ce559d163a943737fe4160f7233925df2eee1f9a For Debian, I am currently on this... ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-14889 ** Bug watch added: Debian Bug tracker #947129 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947129 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1856795 Title: X2Go Client broken by 0.8.0~20170825.94fa1e38-1ubuntu0.5 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libssh/+bug/1856795/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
