* [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632.
@ 2024-11-07 21:33 Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 1/3] gnu: xorg-server: Update to 21.1.14. [security fixes] Kaelyn Takata via Guix-patches via
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: Kaelyn Takata via Guix-patches via @ 2024-11-07 21:33 UTC (permalink / raw)
To: 74248; +Cc: Kaelyn Takata
This patch series updates xorg-server and xorg-server-xwayland to their latest
versions to fix CVE-2024-9632, which Red Hat has rated "7.8 High" according to
https://nvd.nist.gov/vuln/detail/CVE-2024-9632.
The updated Xwayland depends on a newer version of presentproto than is
available in the current xorgproto package, so I added xorgproto-next to
satisfy Xwayland's dependency while avoiding triggering 10761 additional
package rebuilds.
Kaelyn Takata (3):
gnu: xorg-server: Update to 21.1.14. [security fixes]
gnu: Add xorgproto-next.
gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes].
gnu/packages/xorg.scm | 35 ++++++++++++++++++++++++++++-------
1 file changed, 28 insertions(+), 7 deletions(-)
base-commit: 2a6d96425eea57dc6dd48a2bec16743046e32e06
--
2.46.0
^ permalink raw reply [flat|nested] 6+ messages in thread
* [bug#74248] [PATCH 1/3] gnu: xorg-server: Update to 21.1.14. [security fixes]
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
@ 2024-11-07 21:41 ` Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 2/3] gnu: Add xorgproto-next Kaelyn Takata via Guix-patches via
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Kaelyn Takata via Guix-patches via @ 2024-11-07 21:41 UTC (permalink / raw)
To: 74248; +Cc: Kaelyn Takata
This fixes CVE-2024-9632.
* gnu/packages/xorg.scm (xorg-server): Update to 21.1.14.
Change-Id: I35fdd57991eef89fe339a0f79d361e05985187ce
---
gnu/packages/xorg.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 0de08a4ad1..1c5201a836 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5017,7 +5017,7 @@ (define-public libxcvt
(define-public xorg-server
(package
(name "xorg-server")
- (version "21.1.12")
+ (version "21.1.14")
(source
(origin
(method url-fetch)
@@ -5025,7 +5025,7 @@ (define-public xorg-server
"/xserver/xorg-server-" version ".tar.xz"))
(sha256
(base32
- "03x954bygi6sdynk5yy3yvsfhg6i9gjhisn3x9jxvk5mw4mnw08y"))
+ "0dgfajrnkr8d61z1fjn249s3q1pm23v9w2f1aqb7sx64pp7048cg"))
(patches
(list
;; See:
--
2.46.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bug#74248] [PATCH 2/3] gnu: Add xorgproto-next.
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 1/3] gnu: xorg-server: Update to 21.1.14. [security fixes] Kaelyn Takata via Guix-patches via
@ 2024-11-07 21:41 ` Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 3/3] gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes] Kaelyn Takata via Guix-patches via
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: Kaelyn Takata via Guix-patches via @ 2024-11-07 21:41 UTC (permalink / raw)
To: 74248; +Cc: Kaelyn Takata
* gnu/packages/xorg.scm (xorgproto-next): New variable.
Change-Id: Ib546f911c717611a1dbe10ef6f02e47e00e88a51
---
gnu/packages/xorg.scm | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 1c5201a836..97a2d8a78a 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -264,6 +264,28 @@ (define-public xorgproto
the core protocol and (many) extensions for the X Window System.")
(license license:x11)))
+(define-public xorgproto-next
+ (package
+ (name "xorgproto")
+ (version "2024.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://xorg/individual/proto"
+ "/xorgproto-" version ".tar.xz"))
+ (sha256
+ (base32
+ "0nfbbi4j130m2gxzp20hp642xizbbl68jpbzahiq8nw183yja8ip"))))
+ (build-system gnu-build-system)
+ (propagated-inputs
+ ;; To get util-macros in (almost?) all package inputs.
+ (list util-macros))
+ (home-page "https://cgit.freedesktop.org/xorg/proto/xorgproto")
+ (synopsis "Xorg protocol headers")
+ (description
+ "This package provides the headers and specification documents defining
+the core protocol and (many) extensions for the X Window System.")
+ (license license:x11)))
+
(define-public bigreqsproto
(package
(name "bigreqsproto")
--
2.46.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bug#74248] [PATCH 3/3] gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes].
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 1/3] gnu: xorg-server: Update to 21.1.14. [security fixes] Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 2/3] gnu: Add xorgproto-next Kaelyn Takata via Guix-patches via
@ 2024-11-07 21:41 ` Kaelyn Takata via Guix-patches via
2024-11-27 22:30 ` [bug#74248] Comment Andreas Enge
2024-11-28 5:31 ` bug#74248: [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 John Kehayias via Guix-patches via
4 siblings, 0 replies; 6+ messages in thread
From: Kaelyn Takata via Guix-patches via @ 2024-11-07 21:41 UTC (permalink / raw)
To: 74248; +Cc: Kaelyn Takata
This fixes CVE-2024-9632.
* gnu/packages/xorg.scm (xorg-server-xwayland): Update to 24.1.4.
[inputs]: Replace xorgproto with xorgproto-next.
[arguments]<#:configure-flags>: Remove unsupported flag.
Change-Id: Ie8542fdbbf9a49a79df2b4cd7b9a919b2f547f5f
---
gnu/packages/xorg.scm | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index 97a2d8a78a..4e833abb44 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5295,7 +5295,7 @@ (define-public egl-wayland
(define-public xorg-server-xwayland
(package
(name "xorg-server-xwayland")
- (version "23.2.5")
+ (version "24.1.4")
(source
(origin
(method url-fetch)
@@ -5303,7 +5303,7 @@ (define-public xorg-server-xwayland
"/xserver/xwayland-" version ".tar.xz"))
(sha256
(base32
- "145xykwmyqkaa8zrbn5fnvnff67iral9mc5raamglnbsd3r7zv1k"))))
+ "1x1lmw1br3dxxfppfny1vkmk2l2vk5248i3k05smb7w1mgdphsnr"))))
(inputs (list font-dejavu
dbus
egl-wayland
@@ -5321,7 +5321,7 @@ (define-public xorg-server-xwayland
wayland-protocols
xkbcomp
xkeyboard-config
- xorgproto
+ xorgproto-next
xtrans))
(native-inputs (cons pkg-config
(if (%current-target-system)
@@ -5333,8 +5333,7 @@ (define-public xorg-server-xwayland
(build-system meson-build-system)
(arguments
`(#:configure-flags
- (list "-Dxwayland_eglstream=true"
- (string-append "-Dxkb_dir="
+ (list (string-append "-Dxkb_dir="
(assoc-ref %build-inputs "xkeyboard-config")
"/share/X11/xkb")
(string-append "-Dxkb_bin_dir="
--
2.46.0
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [bug#74248] Comment
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
` (2 preceding siblings ...)
2024-11-07 21:41 ` [bug#74248] [PATCH 3/3] gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes] Kaelyn Takata via Guix-patches via
@ 2024-11-27 22:30 ` Andreas Enge
2024-11-28 5:31 ` bug#74248: [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 John Kehayias via Guix-patches via
4 siblings, 0 replies; 6+ messages in thread
From: Andreas Enge @ 2024-11-27 22:30 UTC (permalink / raw)
To: 74248; +Cc: Steve George
Hello,
I just checked how many packages depend on xorg-server (650) and
xorgproto (40). So I think there is no need for xorgproto-next, you could
simply update xorgproto directly.
Andreas
^ permalink raw reply [flat|nested] 6+ messages in thread
* bug#74248: [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632.
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
` (3 preceding siblings ...)
2024-11-27 22:30 ` [bug#74248] Comment Andreas Enge
@ 2024-11-28 5:31 ` John Kehayias via Guix-patches via
4 siblings, 0 replies; 6+ messages in thread
From: John Kehayias via Guix-patches via @ 2024-11-28 5:31 UTC (permalink / raw)
To: Kaelyn Takata; +Cc: 74248-done, Andreas Enge, Steve George
Hi Kaelyn,
(Andreas: your message did not go to the original author; CC'ing you and
Steve who you CC'ed in your message. If using debbugs through Emacs, for
instance, make sure you do a "wide-reply" or else the author isn't
included. I really wish a bug number email was an alias for a list.)
On Thu, Nov 07, 2024 at 09:33 PM, Kaelyn Takata wrote:
> This patch series updates xorg-server and xorg-server-xwayland to their latest
> versions to fix CVE-2024-9632, which Red Hat has rated "7.8 High" according to
> https://nvd.nist.gov/vuln/detail/CVE-2024-9632.
>
> The updated Xwayland depends on a newer version of presentproto than is
> available in the current xorgproto package, so I added xorgproto-next to
> satisfy Xwayland's dependency while avoiding triggering 10761 additional
> package rebuilds.
>
Thanks for the patches, sorry I missed this earlier.
> Kaelyn Takata (3):
> gnu: xorg-server: Update to 21.1.14. [security fixes]
I've applied this now as dd4b96e72c8fda4b025a75b47212e06e381e9ea1 (with
a minor change to move a period.)
> gnu: Add xorgproto-next.
> gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes].
>
These two look like they were done similarly by Danny in
e6d1f571957e5668b844939070174aedf0bec673. CC'ing just to close the loop
here.
> gnu/packages/xorg.scm | 35 ++++++++++++++++++++++++++++-------
> 1 file changed, 28 insertions(+), 7 deletions(-)
>
>
> base-commit: 2a6d96425eea57dc6dd48a2bec16743046e32e06
> --
> 2.46.0
Thanks!
John
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2024-11-28 5:32 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-11-07 21:33 [bug#74248] [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 1/3] gnu: xorg-server: Update to 21.1.14. [security fixes] Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 2/3] gnu: Add xorgproto-next Kaelyn Takata via Guix-patches via
2024-11-07 21:41 ` [bug#74248] [PATCH 3/3] gnu: xorg-server-xwayland: Update to 24.1.4 [security fixes] Kaelyn Takata via Guix-patches via
2024-11-27 22:30 ` [bug#74248] Comment Andreas Enge
2024-11-28 5:31 ` bug#74248: [PATCH 0/3] Update xorg-server and xwayland for CVE-2024-9632 John Kehayias via Guix-patches via
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.