[PATCH 0/3] patches for Advisory X41-2017-001
Adam Jackson
ajax at nwnk.net
Tue Feb 28 19:17:39 UTC 2017
On Tue, 2017-02-28 at 19:18 +0100, Matthieu Herrb wrote:
> Hi,
>
> this patches series, already sent (and partially reviewed by) to
> xorg-security address the X server side of Advisory X41-2017-001
> http://marc.info/?l=oss-security&m=148787083023082&w=2
>
> I've only implemented random number generation for Linux using
> arc4random_buf() from libbsd since getting a proper, error-prone
> wrapper around the new getrandom() is too complex for me. I'm leaving
> this open until people get a consensus on how to implement this on
> non-OpenBSD systems.
Totally fair. I'll spin something up for getrandom(), in the meantime
people can install libbsd.
> Concerning the libXdmcp and libICE issues, I've double checked on my
> Linux system that "official" X.Org builds (with build.sh) do depend
> on libbsd and use arc4random_buf() here to generate the cookies. I
> don't know why the versions shipped by some distros seem to still use
> the fallback code.
If I had to guess, it's because we _have_ fallback code. Typical Linux
binary distributions will build packages in chroots that contain only
specified dependencies, and since we allow things to build without
libbsd, they can and do.
Once again: choice is a false virtue.
I've merged this series to master, with a trivial fix to 3/3 to also
delete the function definitions not just their declarations. I'll
cherry-pick them back to 1.19 shortly so they'll be included in 1.19.2.
remote: I: patch #141306 updated using rev d7ac755f0b618eb1259d93c8a16ec6e39a18627c.
remote: I: patch #141307 updated using rev 957e8db38f27932d353e86e9aa69cf16778b18f1.
remote: E: failed to find patch for rev 2855f759b1e7bf7f5e57cac36c1f0d0e5ac1a683.
remote: I: 2 patch(es) updated to state Accepted.
To ssh://git.freedesktop.org/git/xorg/xserver
1b12249..2855f75 master -> master
- ajax
More information about the xorg-devel
mailing list