Re: git: 9661a37b4dff - main - security/vuxml: Document recent xorg-server and xwayland vulnerabilities

In reply to: Jan Beich : "Re: git: 9661a37b4dff - main - security/vuxml: Document recent xorg-server and xwayland vulnerabilities"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Emmanuel Vadot <manu_at_bidouilliste.com>
Date: Thu, 04 Apr 2024 10:42:20 UTC

On Thu, 04 Apr 2024 12:13:20 +0200
Jan Beich <jbeich@FreeBSD.org> wrote:

> Emmanuel Vadot <manu@FreeBSD.org> writes:
> 
> > +    <references>
> > +      <cvename>CVE-2024-31080</cvename>
> > +      <cvename>CVE-2024-31081</cvename>
> > +      <cvename>CVE-2024-31083</cvename>
> > +      <url>https://lists.x.org/archives/xorg-announce/2024-April/003497.html</url>
> > +    </references>
> 
> Why CVE-2024-31082 is omitted in <references> and <description>?

 Because quoting:
This function is only found
in the Xquartz server for MacOS systems, and not in Xwayland, Xorg, or
any other X servers.

 I don't see the value in documenting a CVE that doesn't affect us.

-- 
Emmanuel Vadot <manu@bidouilliste.com> <manu@freebsd.org>