From: John Kehayias via Guix-patches via <guix-patches@gnu.org>
To: Kaelyn Takata <kaelyn.alexi@protonmail.com>
Cc: 74248-done@debbugs.gnu.org, Andreas Enge <andreas@enge.fr>,
Steve George <steve@futurile.net>
Subject: bug#74248: [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632.
Date: Thu, 28 Nov 2024 05:31:03 +0000 [thread overview]
Message-ID: <87o71zsz59.fsf@protonmail.com> (raw)
In-Reply-To: <cover.1731011374.git.kaelyn.alexi@protonmail.com>
Hi Kaelyn,
(Andreas: your message did not go to the original author; CC'ing you and
Steve who you CC'ed in your message. If using debbugs through Emacs, for
instance, make sure you do a "wide-reply" or else the author isn't
included. I really wish a bug number email was an alias for a list.)
On Thu, Nov 07, 2024 at 09:33 PM, Kaelyn Takata wrote:
> This patch series updates xorg-server and xorg-server-xwayland to their latest
> versions to fix CVE-2024-9632, which Red Hat has rated "7.8 High" according to
> https://nvd.nist.gov/vuln/detail/CVE-2024-9632.
>
> The updated Xwayland depends on a newer version of presentproto than is
> available in the current xorgproto package, so I added xorgproto-next to
> satisfy Xwayland's dependency while avoiding triggering 10761 additional
> package rebuilds.
>
Thanks for the patches, sorry I missed this earlier.
> Kaelyn Takata (3):
> gnu: xorg-server: Update to 21.1.14. [security fixes]
I've applied this now as dd4b96e72c8fda4b025a75b47212e06e381e9ea1 (with
a minor change to move a period.)
> gnu: Add xorgproto-next.
> gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes].
>
These two look like they were done similarly by Danny in
e6d1f571957e5668b844939070174aedf0bec673. CC'ing just to close the loop
here.
> gnu/packages/xorg.scm | 35 ++++++++++++++++++++++++++++-------
> 1 file changed, 28 insertions(+), 7 deletions(-)
>
>
> base-commit: 2a6d96425eea57dc6dd48a2bec16743046e32e06
> --
> 2.46.0
Thanks!
John
prev parent reply other threads:[~2024-11-28 5:32 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 1/3] gnu: xorg-server: Update to 21.1.14. [security fixes] Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 2/3] gnu: Add xorgproto-next Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 3/3] gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes] Kaelyn Takata via Guix-patches via
2024-11-27 22:30 ` [bug#74248] Comment Andreas Enge
2024-11-28 5:31 ` John Kehayias via Guix-patches via [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o71zsz59.fsf@protonmail.com \
--to=guix-patches@gnu.org \
--cc=74248-done@debbugs.gnu.org \
--cc=andreas@enge.fr \
--cc=john.kehayias@protonmail.com \
--cc=kaelyn.alexi@protonmail.com \
--cc=steve@futurile.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).