On Thu, Nov 01, 2018 at 04:33:21PM -0400, Adam Jackson wrote: > On Thu, 2018-11-01 at 13:08 -0500, Chris Adams wrote: > > Once upon a time, Jiri Eischmann <eischm...@redhat.com> said: > > > I wonder if Fedora has even been affected. I was not able to reproduce > > > the exploit on Fedora 29 Workstation (with Xorg older than the one > > > fixing the issue). > > > > IIRC F29 Workstation uses Wayland, not X, right? > > The thing driving the display [1] is a wayland server named gnome- > shell. Due to accident of implementation there is also an X server > named Xwayland running as well. This CVE affects the X server named > Xorg.
If I understand this CVE correctly, it doesn't matter what X server is running (if any at all). Do matter what setuid-root Xorg binary is installed (or not). -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
