282415 – x11-servers/xorg-server: update 21.1.13 -> 21.1.14 to fix CVE-2024-9632

Bug 282415 - x11-servers/xorg-server: update 21.1.13 -> 21.1.14 to fix CVE-2024-9632

Summary: x11-servers/xorg-server: update 21.1.13 -> 21.1.14 to fix CVE-2024-9632

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	freebsd-x11 (Nobody)

URL:	https://lists.x.org/archives/xorg-ann...
Keywords:

Depends on:
Blocks:

Reported:	2024-10-30 06:22 UTC by Kurt Jaeger
Modified:	2024-11-20 19:18 UTC (History)
CC List:	4 users (show)

See Also:

Flags:	manu: maintainer-feedback+

Attachments
patch (906 bytes, patch) 2024-10-30 06:22 UTC, Kurt Jaeger	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Kurt Jaeger freebsd_committer

2024-10-30 06:22:46 UTC

Created attachment 254633 [details]
patch

testbuild on 14.1 was fine, no run-tests as of now.

Comment 1 Emmanuel Vadot freebsd_committer

2024-10-30 06:36:14 UTC

Thanks, don't forget to add the CVE entry in vuxml too.

Comment 2 Kurt Jaeger freebsd_committer

2024-11-19 18:25:09 UTC

xwayland is also affected, testbuilds at work

Comment 3 commit-hook freebsd_committer

2024-11-19 19:10:49 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=cd195d167829492badc1de89e53db3bab79cf747

commit cd195d167829492badc1de89e53db3bab79cf747
Author:     Kurt Jaeger <pi@FreeBSD.org>
AuthorDate: 2024-11-19 18:57:57 +0000
Commit:     Kurt Jaeger <pi@FreeBSD.org>
CommitDate: 2024-11-19 18:57:57 +0000

    security/vuxml: Add x11-servers/xorg-server, x11-servers/xwayland

    PR:             282415

 security/vuxml/vuln/2024.xml | 45 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)

Comment 4 Kurt Jaeger freebsd_committer

2024-11-20 19:09:44 UTC

Runtest xorg-server done on 14.1p5 amd64 laptop. Sleep and wakeup worked.

Comment 5 commit-hook freebsd_committer

2024-11-20 19:12:04 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a273f8256b3d396de4743e07a5b85b6a0e35ad99

commit a273f8256b3d396de4743e07a5b85b6a0e35ad99
Author:     Kurt Jaeger <pi@FreeBSD.org>
AuthorDate: 2024-11-20 19:10:42 +0000
Commit:     Kurt Jaeger <pi@FreeBSD.org>
CommitDate: 2024-11-20 19:10:42 +0000

    x11-servers/xorg-server: update 21.1.13 -> 21.1.14 to fix CVE-2024-9632

    PR:             282415
    Relnotes:       https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    Reviewed by:    manu

 x11-servers/xorg-server/Makefile | 2 +-
 x11-servers/xorg-server/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 6 commit-hook freebsd_committer

2024-11-20 19:14:05 UTC

A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=5078ad3a0ec461134bd230a9a19978a326970dff

commit 5078ad3a0ec461134bd230a9a19978a326970dff
Author:     Kurt Jaeger <pi@FreeBSD.org>
AuthorDate: 2024-11-20 19:10:42 +0000
Commit:     Kurt Jaeger <pi@FreeBSD.org>
CommitDate: 2024-11-20 19:13:12 +0000

    x11-servers/xorg-server: update 21.1.13 -> 21.1.14 to fix CVE-2024-9632

    PR:             282415
    Relnotes:       https://lists.x.org/archives/xorg-announce/2024-October/003545.html
    Reviewed by:    manu

    (cherry picked from commit a273f8256b3d396de4743e07a5b85b6a0e35ad99)

 x11-servers/xorg-server/Makefile | 2 +-
 x11-servers/xorg-server/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

Comment 7 commit-hook freebsd_committer

2024-11-20 19:17:06 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=f771f52f8bf2f19518bc27b4a47c97dee07a323e

commit f771f52f8bf2f19518bc27b4a47c97dee07a323e
Author:     Kurt Jaeger <pi@FreeBSD.org>
AuthorDate: 2024-11-20 19:14:36 +0000
Commit:     Kurt Jaeger <pi@FreeBSD.org>
CommitDate: 2024-11-20 19:14:36 +0000

    x11-servers/xwayland: update 24.1.2 -> 24.1.4 to fix CVE-2024-9632

    PR:             282415
    Relnotes:       https://lists.x.org/archives/xorg-announce/2024-October/003547.html
                    https://lists.x.org/archives/xorg-announce/2024-October/003532.html

 x11-servers/xwayland/Makefile | 4 ++--
 x11-servers/xwayland/distinfo | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

Comment 8 commit-hook freebsd_committer

2024-11-20 19:18:07 UTC

A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=33a7791c5fa4bf480f098599deb81106a0b0a30d

commit 33a7791c5fa4bf480f098599deb81106a0b0a30d
Author:     Kurt Jaeger <pi@FreeBSD.org>
AuthorDate: 2024-11-20 19:14:36 +0000
Commit:     Kurt Jaeger <pi@FreeBSD.org>
CommitDate: 2024-11-20 19:17:31 +0000

    x11-servers/xwayland: update 24.1.2 -> 24.1.4 to fix CVE-2024-9632

    PR:             282415
    Relnotes:       https://lists.x.org/archives/xorg-announce/2024-October/003547.html
                    https://lists.x.org/archives/xorg-announce/2024-October/003532.html
    (cherry picked from commit f771f52f8bf2f19518bc27b4a47c97dee07a323e)

 x11-servers/xwayland/Makefile | 4 ++--
 x11-servers/xwayland/distinfo | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)