* [bug#67047] [PATCH] gnu: xorg-server: Update to 21.1.9.
@ 2023-11-10 16:46 Kaelyn Takata via Guix-patches via
2023-11-27 20:46 ` Kaelyn via Guix-patches via
0 siblings, 1 reply; 3+ messages in thread
From: Kaelyn Takata via Guix-patches via @ 2023-11-10 16:46 UTC (permalink / raw)
To: 67047; +Cc: Kaelyn Takata
Fixes CVE-2023-5367 and CVE-2023-5380. See the X.Org security advisory
<https://lists.x.org/archives/xorg/2023-October/003430.html> for more
information.
* gnu/packages/xorg.scm (xorg-server): Update to 21.1.9.
Change-Id: I5786210cf1e5de4d603155fbbd076763e7ae3447
---
gnu/packages/xorg.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index f65ffa7476..b30e5c1f07 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5029,7 +5029,7 @@ (define-public libxcvt
(define-public xorg-server
(package
(name "xorg-server")
- (version "21.1.4")
+ (version "21.1.9")
(source
(origin
(method url-fetch)
@@ -5037,7 +5037,7 @@ (define-public xorg-server
"/xserver/xorg-server-" version ".tar.xz"))
(sha256
(base32
- "11y5w6z3rz3i4jyv0wc3scd2jh3bsmcklq0fm7a5invywj7bxi2w"))
+ "0fjk9ggcrn96blq0bm80739yj23s3gjjjsc0nxk4jk0v07i7nsgz"))
(patches
(list
;; See:
base-commit: bb3ab24a296ffa5273b2e82a02ed057e90c095f3
--
2.41.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [bug#67047] [PATCH] gnu: xorg-server: Update to 21.1.9.
2023-11-10 16:46 [bug#67047] [PATCH] gnu: xorg-server: Update to 21.1.9 Kaelyn Takata via Guix-patches via
@ 2023-11-27 20:46 ` Kaelyn via Guix-patches via
2023-11-28 5:21 ` bug#67047: " John Kehayias via Guix-patches via
0 siblings, 1 reply; 3+ messages in thread
From: Kaelyn via Guix-patches via @ 2023-11-27 20:46 UTC (permalink / raw)
To: guix-devel; +Cc: 67047@debbugs.gnu.org
Hi,
I wanted to bring folks' attention to https://issues.guix.gnu.org/67047 which updates xorg-server, including a number of security fixes. The patch has been pending for about 17 days now, and while the QA badge reports "failed" I just spot-checked some of the failures and they seem to be unrelated (e.g. a lot of builds going from unknown to blocked or vice versa, the one new failure for aarch64 being a large download test in the onionshare package, etc).
Is there anything I can do to help the process along? It may also be worth noting that "guix refresh -l xorg-server" reports 125 rebuilds. I also checked and the update to xorg-server does not appear to alter the derivation for the xorg-server-for-tests (which is still at version 21.1.1).
Cheers,
Kaelyn
^ permalink raw reply [flat|nested] 3+ messages in thread
* bug#67047: [PATCH] gnu: xorg-server: Update to 21.1.9.
2023-11-27 20:46 ` Kaelyn via Guix-patches via
@ 2023-11-28 5:21 ` John Kehayias via Guix-patches via
0 siblings, 0 replies; 3+ messages in thread
From: John Kehayias via Guix-patches via @ 2023-11-28 5:21 UTC (permalink / raw)
To: Kaelyn; +Cc: guix-devel, 67047-done
Dear Kaelyn,
On Mon, Nov 27, 2023 at 08:46 PM, Kaelyn wrote:
> Hi,
>
> I wanted to bring folks' attention to
> <https://issues.guix.gnu.org/67047> which updates xorg-server, including
> a number of security fixes. The patch has been pending for about 17
> days now, and while the QA badge reports "failed" I just spot-checked
> some of the failures and they seem to be unrelated (e.g. a lot of
> builds going from unknown to blocked or vice versa, the one new
> failure for aarch64 being a large download test in the onionshare
> package, etc).
>
Thanks for the update. Yes, QA looked good to me too, all things
considered.
> Is there anything I can do to help the process along? It may also be
> worth noting that "guix refresh -l xorg-server" reports 125 rebuilds.
> I also checked and the update to xorg-server does not appear to alter
> the derivation for the xorg-server-for-tests (which is still at
> version 21.1.1).
>
> Cheers,
> Kaelyn
No, you did exactly what you needed to. I did see this patch when it
came in and was just giving a bit for QA to do the builds. That took
longer, I got distracted hoping I could merge mesa-updates first, then
hit CI delays...all that is to say I should have communicated I had
this on my radar.
Sorry about that! I appreciate the patch and the nudge.
Pushed as 06e0f638abd36f816a221af4542ca4a850d7af2d with a minor tweak
to the commit message to note [security fixes] at the top. I built it
locally for x86_64 with mesa-updates merged.
Which reminds me to make sure we have a way to flagging security
updates just like other teams/tags and get them priority. Now on the
security team, it is a first priority.
Thanks again!
John
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-11-28 5:22 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-11-10 16:46 [bug#67047] [PATCH] gnu: xorg-server: Update to 21.1.9 Kaelyn Takata via Guix-patches via
2023-11-27 20:46 ` Kaelyn via Guix-patches via
2023-11-28 5:21 ` bug#67047: " John Kehayias via Guix-patches via
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).