From nobody Thu Apr 04 10:42:20 2024 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4V9J940sMmz5GmGx; Thu, 4 Apr 2024 10:42:32 +0000 (UTC) (envelope-from manu@bidouilliste.com) Received: from mx.blih.net (mx.blih.net [212.83.155.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4V9J926gNCz525x; Thu, 4 Apr 2024 10:42:30 +0000 (UTC) (envelope-from manu@bidouilliste.com) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bidouilliste.com; s=mx; t=1712227343; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=4udIjfX2pKhEq/76dAEwIVpAnMHOraumLvCgNWosT2Y=; b=hHYxKjXJe5qMwzASyuHmsLqCjuHdHeLKT9h5ysa6OOoYwBoM1TpPHYIWtVU0cN535+Lxas OSHwX3raEpfy9X9q1vi1wIIqZd0UfR2FyVFbjDaE0VzpgBS4RubZ6phYpdjb+wjL4ebIDz /wT3zE08Uts1yOrO31XgAGB/s9zu/f4= Received: from skull.home.blih.net (lfbn-lyo-1-2174-135.w90-66.abo.wanadoo.fr [90.66.97.135]) by mx.blih.net (OpenSMTPD) with ESMTPSA id 5b308359 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO); Thu, 4 Apr 2024 10:42:23 +0000 (UTC) Date: Thu, 4 Apr 2024 12:42:20 +0200 From: Emmanuel Vadot To: Jan Beich Cc: Emmanuel Vadot , ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: 9661a37b4dff - main - security/vuxml: Document recent xorg-server and xwayland vulnerabilities Message-Id: <20240404124220.3a2e694ff4db5ffe6861c08a@bidouilliste.com> In-Reply-To: References: <202404040628.4346SlPx033968@gitrepo.freebsd.org> X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.33; amd64-portbld-freebsd15.0) List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:12876, ipnet:212.83.128.0/19, country:FR] X-Rspamd-Queue-Id: 4V9J926gNCz525x On Thu, 04 Apr 2024 12:13:20 +0200 Jan Beich wrote: > Emmanuel Vadot writes: > > > + > > + CVE-2024-31080 > > + CVE-2024-31081 > > + CVE-2024-31083 > > + https://lists.x.org/archives/xorg-announce/2024-April/003497.html > > + > > Why CVE-2024-31082 is omitted in and ? Because quoting: This function is only found in the Xquartz server for MacOS systems, and not in Xwayland, Xorg, or any other X servers. I don't see the value in documenting a CVE that doesn't affect us. -- Emmanuel Vadot