From: Nicolò Balzarotti
To: 48039@debbugs.gnu.org
Subject: bug#48039: xorg-server might be vulnerable to CVE-2021-3472
Date: Mon, 26 Apr 2021 19:25:35 +0200
Message-ID: <878s55rm9c.fsf@guixSD.i-did-not-set--mail-host-address--so-tickle-me>

Hi,

just found this [fn:1]:

    A flaw was found in xorg-x11-server in versions before 1.20.11. An
    integer underflow can occur in xserver which can lead to a local
    privilege escalation.

The commit fixing the bug should be the one at [fn:2], and latest tagged version (1.20.11) should be fixed.

On a side note, the Red Hat issue tracker says that [fn:3]:

    Xorg server does not run with root privileges in Red Hat Enterprise
    Linux 8, therefore this flaw has been rated as having moderate
    impact for Red Hat Enterprise Linux 8.

Is it possible for guix too not to run the server as root? I've no idea myself.

    guix refresh -l xorg-server
    Building the following 73 packages would ensure 121

I just rebuilt xorg-server itself with the attached patch, and building other packages now but it might take some time on my server. I'll let you know how it goes.

[fn:1] https://nvd.nist.gov/vuln/detail/CVE-2021-3472
[fn:2] https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd
[fn:3] https://bugzilla.redhat.com/show_bug.cgi?id=1944167

--=-=-= Content-Type: text/x-patch; charset=utf-8 Content-Disposition: attachment; filename=0001-gnu-xorg-server-Update-to-1.20.11.patch Content-Transfer-Encoding: quoted-printable >From a1767951a7b4631c48916f1171f577839fff0df3 Mon Sep 17 00:00:00 2001 From: nixo Date: Mon, 26 Apr 2021 19:22:04 +0200 Subject: [PATCH] gnu: xorg-server: Update to 1.20.11. * gnu/packages/xorg.scm (xorg-server): Update to 1.20.11. --- gnu/packages/xorg.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm index 97ff8ab92b..6b6fcbafa9 100644 --- a/gnu/packages/xorg.scm +++ b/gnu/packages/xorg.scm @@ -26,6 +26,7 @@ ;;; Copyright =C2=A9 2020, 2021 Michael Rohleder ;;; Copyright =C2=A9 2020 Maxim Cournoyer ;;; Copyright =C2=A9 2020 Jean-Baptiste Note +;;; Copyright =C2=A9 2021 Nicol=C3=B2 Balzarotti ;;; ;;; This file is part of GNU Guix. ;;; @@ -5302,7 +5303,7 @@ over Xlib, including: (define-public xorg-server (package (name "xorg-server") - (version "1.20.10") + (version "1.20.11") (source (origin (method url-fetch) @@ -5310,7 +5311,7 @@ over Xlib, including: "xorg-server-" version ".tar.bz2")) (sha256 (base32 - "16bwrf0ag41l7jbrllbix8z6avc5yimga7ihvq4ch3a5hb020x4p")) + "0jacqgin8kcyy8fyv0lhgb4if8g9hp60rm3ih3s1mgps7xp7jk4i")) (patches (list ;; See: --=20 2.31.1 --=-=-=--
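
Review bot: the commit log that goes with the version change in the @@ -5302,7 +5303,7 @@ hunk only says "Update to 1.20.11" and does not record that the bump is a security fix. Since the report ties 1.20.11 to CVE-2021-3472, name the CVE in the subject line, for example 'gnu: xorg-server: Update to 1.20.11 [fixes CVE-2021-3472].', so the fix can be found from the log and by anyone auditing which revision closed the issue.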
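
Review bot: in the @@ -5310,7 +5311,7 @@ hunk the base32 sha256 is replaced while the (patches (list ...) entry in the trailing context is carried over unchanged, and nothing in the message says how the new hash was obtained. Please confirm the hash against the upstream 1.20.11 release tarball (for instance with guix download on the release URL) and check that each patch in the existing list still applies to 1.20.11 and has not already been merged upstream, dropping any that has.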