[PATCH 0/3] patches for Advisory X41-2017-001

Matthieu Herrb matthieu at herrb.eu
Tue Feb 28 22:36:08 UTC 2017 

On Tue, Feb 28, 2017 at 02:17:39PM -0500, Adam Jackson wrote:
> On Tue, 2017-02-28 at 19:18 +0100, Matthieu Herrb wrote:
> > Hi,
> > 
> > this patches series, already sent (and partially reviewed by) to
> > xorg-security address the X server side of Advisory X41-2017-001
> > http://marc.info/?l=oss-security&m=148787083023082&w=2
> > 
> > I've only implemented random number generation for Linux using
> > arc4random_buf() from libbsd since getting a proper, error-prone
> > wrapper around the new getrandom() is too complex for me. I'm leaving
> > this open until people get a consensus on how to implement this on
> > non-OpenBSD systems.
> 
> Totally fair. I'll spin something up for getrandom(), in the meantime
> people can install libbsd.
> 
> > Concerning the libXdmcp and libICE issues, I've double checked on my
> > Linux system that "official" X.Org builds (with build.sh) do depend
> > on libbsd and use arc4random_buf() here to generate the cookies. I
> > don't know why the versions shipped by some distros seem to still use
> > the fallback code.
> 
> If I had to guess, it's because we _have_ fallback code.

Makes sense yes.

> Typical Linux
> binary distributions will build packages in chroots that contain only
> specified dependencies, and since we allow things to build without
> libbsd, they can and do.
> 
> Once again: choice is a false virtue.
> 
> I've merged this series to master, with a trivial fix to 3/3 to also
> delete the function definitions not just their declarations. I'll
> cherry-pick them back to 1.19 shortly so they'll be included in 1.19.2.
> 
> remote: I: patch #141306 updated using rev d7ac755f0b618eb1259d93c8a16ec6e39a18627c.
> remote: I: patch #141307 updated using rev 957e8db38f27932d353e86e9aa69cf16778b18f1.
> remote: E: failed to find patch for rev 2855f759b1e7bf7f5e57cac36c1f0d0e5ac1a683.
> remote: I: 2 patch(es) updated to state Accepted.
> To ssh://git.freedesktop.org/git/xorg/xserver
>    1b12249..2855f75  master -> master

Thanks.

-- 
Matthieu Herrb
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 793 bytes
Desc: not available
URL: <https://lists.x.org/archives/xorg-devel/attachments/20170228/9da58d18/attachment.sig>

More information about the xorg-devel mailing list