Re the xorg-x11 GLSA 200509-07. Is bug #96053 fixed in -r3? The -r2 version is unusable for me because of this. According to the bug its resolved, fixed upstream, but there is no detail which versions of xorg it applies to. BillK -- -- gentoo-security <at> gentoo.org mailing list
"W.Kenworthy" <billk <at> iinet.net.au> skribis: > Re the xorg-x11 GLSA 200509-07. Is bug #96053 fixed in -r3? The -r2 > version is unusable for me because of this. Apparently not -- I tried OpenOffice and it still has black icons. -- -- Barry.SCHWARTZ <at> chemoelectric.org http://www.chemoelectric.org Esperantistoj rajtas skribi al Barijo.SXVARCO <at> chemoelectric.org 'And now we're going to go try to comfort people in that part of the world.' -- Bush, referring to the southeastern U.S.
W.Kenworthy wrote: > Re the xorg-x11 GLSA 200509-07. Is bug #96053 fixed in -r3? The -r2 > version is unusable for me because of this. > > According to the bug its resolved, fixed upstream, but there is no > detail which versions of xorg it applies to. The -r3 is just -r2 + the security fix. I guess you'll have to wait for the next version... -- Koon -- -- gentoo-security <at> gentoo.org mailing list
On Tue, Sep 13, 2005 at 06:59:21AM +0800, W.Kenworthy wrote: > Re the xorg-x11 GLSA 200509-07. Is bug #96053 fixed in -r3? The -r2 > version is unusable for me because of this. > > According to the bug its resolved, fixed upstream, but there is no > detail which versions of xorg it applies to. > > BillK Hi Bill, -r3 is just a simple security bump from -r2, so it should have all the characteristics of -r2 except for that buffer overflow issue with pixmap memory requests. So yeah, you'll still see black icons, but please do track the upstream bug: https://bugs.freedesktop.org/show_bug.cgi?id=3781 Thanks, Seemant -- -- gentoo-security <at> gentoo.org mailing list
I'm using the workaround of manually deleting the problem patch during the build. The problem for gentoo that I see is that with the removal of -r1 (and xfree being the only viable alternative is not available either), gentoo does not have a usable desktop for those actually using it in production, so this should be viewed as a serious issue that requires active resolution - just leaving this issue in place until we catch up with upstream means this is going to become a running sore for gentoo. We (the users) need a stable, secure, and working X. BillK On Tue, 2005-09-13 at 11:03 -0400, Seemant Kulleen wrote: > On Tue, Sep 13, 2005 at 06:59:21AM +0800, W.Kenworthy wrote: > > Re the xorg-x11 GLSA 200509-07. Is bug #96053 fixed in -r3? The -r2 > > version is unusable for me because of this. > > > > According to the bug its resolved, fixed upstream, but there is no > > detail which versions of xorg it applies to. > > > > BillK > > Hi Bill, > > -r3 is just a simple security bump from -r2, so it should have all the > characteristics of -r2 except for that buffer overflow issue with pixmap > memory requests. So yeah, you'll still see black icons, but please do > track the upstream bug:(Continue reading)
Placing demands on the devs who donate their time for this community is not exactly the way of going about it. Finding a way to help those devs is a better path to a solution. ;) On Wed, 2005-09-14 at 07:28 +0800, William Kenworthy wrote: > I'm using the workaround of manually deleting the problem patch during > the build. > > The problem for gentoo that I see is that with the removal of -r1 (and > xfree being the only viable alternative is not available either), gentoo > does not have a usable desktop for those actually using it in > production, so this should be viewed as a serious issue that requires > active resolution - just leaving this issue in place until we catch up > with upstream means this is going to become a running sore for gentoo. > > We (the users) need a stable, secure, and working X. > > BillK > > > > On Tue, 2005-09-13 at 11:03 -0400, Seemant Kulleen wrote: > > On Tue, Sep 13, 2005 at 06:59:21AM +0800, W.Kenworthy wrote: > > > Re the xorg-x11 GLSA 200509-07. Is bug #96053 fixed in -r3? The -r2 > > > version is unusable for me because of this. > > > > > > According to the bug its resolved, fixed upstream, but there is no > > > detail which versions of xorg it applies to. > > > > > > BillK(Continue reading)
On Wednesday 14 September 2005 01:28, William Kenworthy wrote: > I'm using the workaround of manually deleting the problem patch during > the build. > > The problem for gentoo that I see is that with the removal of -r1 (and > xfree being the only viable alternative is not available either), gentoo > does not have a usable desktop for those actually using it in > production, so this should be viewed as a serious issue that requires > active resolution - just leaving this issue in place until we catch up > with upstream means this is going to become a running sore for gentoo. > > We (the users) need a stable, secure, and working X. where did you get the idea, that a moving target like gentoo is apropriate for a production box? If you put gentoo onto such a box, it is your very own problem. If you want total stability and a lot of testing prior a patch goes out, maybe you should spent the bucks and buy SLES or RHEL If something breaks with them, you have a right to whine. Oh, and by the way: for me X is stable, secure and working - everybody has different needs. -- -- gentoo-security <at> gentoo.org mailing list
Your missreading what I am saying. 1. I am not placing "demands" 2. I have pointed out the solution 3. I have pointed out the problem for gentoo as a distro 4. Everybodies requirements are different: unless devs get feedback on whats important to users, how would they know. I acknowledge that whats important to devs is not neccessarily going to gel for the users, but the fact that gentoo now does not have a usable desktop for a large part of its user community should be a concern for all. BillK On Tue, 2005-09-13 at 20:30 -0400, xyon wrote: > Placing demands on the devs who donate their time for this community is > not exactly the way of going about it. Finding a way to help those devs > is a better path to a solution. ;) > > On Wed, 2005-09-14 at 07:28 +0800, William Kenworthy wrote: > > I'm using the workaround of manually deleting the problem patch during > > the build. > > > > The problem for gentoo that I see is that with the removal of -r1 (and > > xfree being the only viable alternative is not available either), gentoo > > does not have a usable desktop for those actually using it in > > production, so this should be viewed as a serious issue that requires > > active resolution - just leaving this issue in place until we catch up > > with upstream means this is going to become a running sore for gentoo. > > > > We (the users) need a stable, secure, and working X.(Continue reading)
William Kenworthy wrote: > I'm using the workaround of manually deleting the problem patch during > the build. > > The problem for gentoo that I see is that with the removal of -r1 (and > xfree being the only viable alternative is not available either), gentoo > does not have a usable desktop for those actually using it in > production, so this should be viewed as a serious issue that requires > active resolution - just leaving this issue in place until we catch up > with upstream means this is going to become a running sore for gentoo. > > We (the users) need a stable, secure, and working X. > > BillK The whole point of Gentoo is that you have the Ultimate say on what goes. If you don't like the current version of X you can write your own ebuild and do it however you like. No one forces you to use the ebuilds put out by the developers. If you want the -r1 version feel free to go into ViewCVS and get it; it should still be there. If you want your solution to be merged, you are better off trying to convince xorg's maintainer and you are better off having the work laid out to be done so that it's not a PITA for them to integrate it into Gentoo's tree. This mailing list is not the place for discussion of how the bug should be patched in the source, or whining because the ebuild the developer provided doesn't suit your particular needs. Make an overlay, modify the ebuild, and hazzah your needs are met. Gentoo has never promised a stable solution and unless the relevant GLEP is taken up by someone and implemented probably never will. -- --(Continue reading)
"W.Kenworthy" <billk <at> iinet.net.au> skribis: > 4. Everybodies requirements are different: unless devs get feedback on > whats important to users, how would they know. I acknowledge that whats > important to devs is not neccessarily going to gel for the users, but > the fact that gentoo now does not have a usable desktop for a large part > of its user community should be a concern for all. You could likely use the upstream version rather than the Gentoo percolated product. That's what I do with my kernel patches, partly for similar reasons as what you are dealing with. -- -- Barry.SCHWARTZ <at> chemoelectric.org http://www.chemoelectric.org Esperantistoj rajtas skribi al Barijo.SXVARCO <at> chemoelectric.org 'And now we're going to go try to comfort people in that part of the world.' -- Bush, referring to the southeastern U.S.
RSS Feed1 | |
|---|---|
1 | |
1 | |
1 | |
1 | |
1 | |
2 | |
30 | |
1 | |
1 | |
15 | |
9 | |
3 | |
8 | |
5 | |
5 | |
4 | |
5 | |
5 | |
2 | |
3 | |
10 | |
4 | |
7 | |
29 | |
68 | |
4 | |
4 | |
2 | |
19 | |
1 | |
7 | |
24 | |
41 | |
21 | |
23 | |
25 | |
5 | |
22 | |
26 | |
54 | |
20 | |
4 | |
78 | |
127 | |
55 | |
15 | |
45 | |
34 | |
54 | |
65 | |
80 | |
104 | |
69 | |
269 | |
13 | |
23 | |
86 | |
126 | |
33 | |
69 | |
117 | |
196 | |
78 | |
147 | |
74 | |
30 | |
32 | |
80 | |
22 | |
14 | |
33 | |
25 | |
72 | |
120 | |
18 | |
24 | |
34 | |
12 | |
35 | |
23 | |
22 |
