GNU bug report logs -
#74248
[PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632.
Previous Next
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your message dated Thu, 28 Nov 2024 05:31:03 +0000
with message-id <87o71zsz59.fsf <at> protonmail.com>
and subject line Re: [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632.
has caused the debbugs.gnu.org bug report #74248,
regarding [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632.
to be marked as done.
(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)
--
74248: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=74248
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
This patch series updates xorg-server and xorg-server-xwayland to their latest
versions to fix CVE-2024-9632, which Red Hat has rated "7.8 High" according to
https://nvd.nist.gov/vuln/detail/CVE-2024-9632.
The updated Xwayland depends on a newer version of presentproto than is
available in the current xorgproto package, so I added xorgproto-next to
satisfy Xwayland's dependency while avoiding triggering 10761 additional
package rebuilds.
Kaelyn Takata (3):
gnu: xorg-server: Update to 21.1.14. [security fixes]
gnu: Add xorgproto-next.
gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes].
gnu/packages/xorg.scm | 35 ++++++++++++++++++++++++++++-------
1 file changed, 28 insertions(+), 7 deletions(-)
base-commit: 2a6d96425eea57dc6dd48a2bec16743046e32e06
--
2.46.0
[Message part 3 (message/rfc822, inline)]
Hi Kaelyn,
(Andreas: your message did not go to the original author; CC'ing you and
Steve who you CC'ed in your message. If using debbugs through Emacs, for
instance, make sure you do a "wide-reply" or else the author isn't
included. I really wish a bug number email was an alias for a list.)
On Thu, Nov 07, 2024 at 09:33 PM, Kaelyn Takata wrote:
> This patch series updates xorg-server and xorg-server-xwayland to their latest
> versions to fix CVE-2024-9632, which Red Hat has rated "7.8 High" according to
> https://nvd.nist.gov/vuln/detail/CVE-2024-9632.
>
> The updated Xwayland depends on a newer version of presentproto than is
> available in the current xorgproto package, so I added xorgproto-next to
> satisfy Xwayland's dependency while avoiding triggering 10761 additional
> package rebuilds.
>
Thanks for the patches, sorry I missed this earlier.
> Kaelyn Takata (3):
> gnu: xorg-server: Update to 21.1.14. [security fixes]
I've applied this now as dd4b96e72c8fda4b025a75b47212e06e381e9ea1 (with
a minor change to move a period.)
> gnu: Add xorgproto-next.
> gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes].
>
These two look like they were done similarly by Danny in
e6d1f571957e5668b844939070174aedf0bec673. CC'ing just to close the loop
here.
> gnu/packages/xorg.scm | 35 ++++++++++++++++++++++++++++-------
> 1 file changed, 28 insertions(+), 7 deletions(-)
>
>
> base-commit: 2a6d96425eea57dc6dd48a2bec16743046e32e06
> --
> 2.46.0
Thanks!
John
This bug report was last modified 175 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.