[PATCH] gnu: xorg-server: Update to 21.1.9.

  • Done
  • quality assurance status badge
Details
2 participants
  • John Kehayias
  • Kaelyn Takata
Owner
unassigned
Submitted by
Kaelyn Takata
Severity
normal
K
K
Kaelyn Takata wrote on 10 Nov 2023 17:46
(address . guix-patches@gnu.org)(name . Kaelyn Takata)(address . kaelyn.alexi@protonmail.com)
80e916fe13f864ec59afe3b8e517dce2bf3b7718.1699634744.git.kaelyn.alexi@protonmail.com
Fixes CVE-2023-5367 and CVE-2023-5380. See the X.Org security advisory
information.

* gnu/packages/xorg.scm (xorg-server): Update to 21.1.9.

Change-Id: I5786210cf1e5de4d603155fbbd076763e7ae3447
---
gnu/packages/xorg.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (26 lines)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index f65ffa7476..b30e5c1f07 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5029,7 +5029,7 @@ (define-public libxcvt
(define-public xorg-server
(package
(name "xorg-server")
- (version "21.1.4")
+ (version "21.1.9")
(source
(origin
(method url-fetch)
@@ -5037,7 +5037,7 @@ (define-public xorg-server
"/xserver/xorg-server-" version ".tar.xz"))
(sha256
(base32
- "11y5w6z3rz3i4jyv0wc3scd2jh3bsmcklq0fm7a5invywj7bxi2w"))
+ "0fjk9ggcrn96blq0bm80739yj23s3gjjjsc0nxk4jk0v07i7nsgz"))
(patches
(list
;; See:

base-commit: bb3ab24a296ffa5273b2e82a02ed057e90c095f3
--
2.41.0
K
K
Kaelyn wrote on 27 Nov 2023 21:46
(name . guix-devel)(address . guix-devel@gnu.org)(name . 67047@debbugs.gnu.org)(address . 67047@debbugs.gnu.org)
oBKLOK7bv0h9_mPzM3Orbu1Gw8dE56nyKs7BGhGfyYD1fqmb8bMp7q_2qPF_D97qzYHaRViGDixq6A6a3lhXGDxhotctWZFjqC3GTmqJi5s=@protonmail.com
Hi,

I wanted to bring folks' attention to https://issues.guix.gnu.org/67047which updates xorg-server, including a number of security fixes. The patch has been pending for about 17 days now, and while the QA badge reports "failed" I just spot-checked some of the failures and they seem to be unrelated (e.g. a lot of builds going from unknown to blocked or vice versa, the one new failure for aarch64 being a large download test in the onionshare package, etc).

Is there anything I can do to help the process along? It may also be worth noting that "guix refresh -l xorg-server" reports 125 rebuilds. I also checked and the update to xorg-server does not appear to alter the derivation for the xorg-server-for-tests (which is still at version 21.1.1).

Cheers,
Kaelyn
J
J
John Kehayias wrote on 28 Nov 2023 06:21
(name . Kaelyn)(address . kaelyn.alexi@protonmail.com)
8734wqa1xb.fsf@protonmail.com
Dear Kaelyn,

On Mon, Nov 27, 2023 at 08:46 PM, Kaelyn wrote:

Toggle quote (12 lines)
> Hi,
>
> I wanted to bring folks' attention to
> <https://issues.guix.gnu.org/67047> which updates xorg-server, including
> a number of security fixes. The patch has been pending for about 17
> days now, and while the QA badge reports "failed" I just spot-checked
> some of the failures and they seem to be unrelated (e.g. a lot of
> builds going from unknown to blocked or vice versa, the one new
> failure for aarch64 being a large download test in the onionshare
> package, etc).
>

Thanks for the update. Yes, QA looked good to me too, all things
considered.

Toggle quote (9 lines)
> Is there anything I can do to help the process along? It may also be
> worth noting that "guix refresh -l xorg-server" reports 125 rebuilds.
> I also checked and the update to xorg-server does not appear to alter
> the derivation for the xorg-server-for-tests (which is still at
> version 21.1.1).
>
> Cheers,
> Kaelyn

No, you did exactly what you needed to. I did see this patch when it
came in and was just giving a bit for QA to do the builds. That took
longer, I got distracted hoping I could merge mesa-updates first, then
hit CI delays...all that is to say I should have communicated I had
this on my radar.

Sorry about that! I appreciate the patch and the nudge.

Pushed as 06e0f638abd36f816a221af4542ca4a850d7af2d with a minor tweak
to the commit message to note [security fixes] at the top. I built it
locally for x86_64 with mesa-updates merged.

Which reminds me to make sure we have a way to flagging security
updates just like other teams/tags and get them priority. Now on the
security team, it is a first priority.

Thanks again!
John
Closed
?
Your comment

This issue is archived.

To comment on this conversation send an email to 67047@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 67047
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch