X.org release engineering?
Joerg Sonnenberger
joerg at britannica.bec.de
Tue Jun 9 08:41:05 PDT 2009
On Tue, Jun 09, 2009 at 08:13:03AM -0700, Alan Coopersmith wrote:
> Assuming you mean
> http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=5bf703700ee4a5d6eae20da07cb7a29369667aef
> the patch is available from git, like all other changes.
See earlier part about following git history :)
> I can't find much discussion in the xorg_security list mail in my inbox
> archives (list archives > obviously aren't public) but it looks like no
> one declared that they believed it was an exploitable security issue,
> just a bug.
I wouldn't care about most off-by-one issues. This one is under full
user control though as xset can be used to make the server process
arbitrary directories (e.g. under /tmp). Anyway, it is an issue of the
past.
Joerg
More information about the xorg
mailing list