X.org just released a security advisory this morning pertaining to certain vulnerabilities in xserver and libXfont (I don't have a link since it's not hit the list archives yet). I am 100% certain we are vulnerable to at least one, and I know we are not vulnerable to at least one. Rather than spend time verifying which we are vulnerable to and which we aren't, I decided to just integrate all the patches (except where I was 100% certain we were not affected) and push out the update. Here are the release notes: http://trac.macosforge.org/projects/xquartz/wiki/X112.1.3 Here is the pkg: http://xquartz.macosforge.org/downloads/X11-2.1.3-rc1.pkg Please test and get back to me. --Jeremy
Seems to be working fine for me. Thanks!!!! Merle On Jan 17, 2008, at 3:22 PM, Jeremy Huddleston wrote:
X.org just released a security advisory this morning pertaining to certain vulnerabilities in xserver and libXfont (I don't have a link since it's not hit the list archives yet). I am 100% certain we are vulnerable to at least one, and I know we are not vulnerable to at least one. Rather than spend time verifying which we are vulnerable to and which we aren't, I decided to just integrate all the patches (except where I was 100% certain we were not affected) and push out the update.
Here are the release notes: http://trac.macosforge.org/projects/xquartz/wiki/X112.1.3
Here is the pkg: http://xquartz.macosforge.org/downloads/X11-2.1.3-rc1.pkg
Please test and get back to me.
--Jeremy_______________________________________________ Xquartz-dev mailing list Xquartz-dev@lists.macosforge.org http://lists.macosforge.org/mailman/listinfo/xquartz-dev
participants (2)
-
Jeremy Huddleston
-
Merle Reinhart