expo (was: Re: [CVE-2006-0745] X.Org Security Advisory: privilege escalation and DoS in X11R6.9, X11R7.0)

Daniel Stone daniel at freedesktop.org
Sat Apr 1 16:11:18 PST 2006


On Sun, Apr 02, 2006 at 01:07:53AM +0300, Daniel Stone wrote:
> These patches are still not available from ftp.x.org.  (As, I note, are
> the individual packages released since X11R7.0.)
> 
> Wasn't the entire point of having expo, to have a machine we could
> reliably use for things like this?  As far as I can tell, the only
> difference is that www.x.org is now up to date, being the same as
> xorg.freedesktop.org once was.  However, ftp.x.org is still
> redistributing code with critical vulnerabilities, so once again, we
> have to point people to xorg.freedesktop.org and urge them to avoid
> ftp.x.org.
> 
> What is expo actually doing?  Why do developers still not have access to
> it?  Why is it not even mirroring the master site (xorg.fd.o)?

ObBug: #6428.  I'm really sucking at remembering to do this.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 191 bytes
Desc: Digital signature
URL: <http://lists.x.org/archives/xorg/attachments/20060402/0e5cc1c0/attachment.pgp>


More information about the xorg mailing list