Leo Famulari <l...@famulari.name> skribis: > There is an Xorg security advisory: > https://lists.freedesktop.org/archives/xorg/2016-October/058344.html > > This patch series applies the patches recommended by upstream using > grafts. > > Leo Famulari (8): > gnu: libx11: Fix CVE-2016-{7942,7943}. > gnu: libxfixes: Fix CVE-2016-7944. > gnu: libxi: Fix CVE-2016-{7945,7946}. > gnu: libxrandr: Fix CVE-2016-{7947,7948}. > gnu: libxrender: Fix CVE-2016-{7949,7950}. > gnu: libxtst: Fix CVE-2016-{7951,7952}. > gnu: libxv: Fix CVE-2016-5407. > gnu: libxvmc: Fix CVE-2016-7953.
This all LGTM. I tested by (1) building and a running a couple of grafted X clients talking to my (ungrafted) X server, and (2) building my laptop’s config with ‘guix system vm’ and checking that both the X server and typical X clients functioned. So I think this can go in on master. (On core-updates it’s probably best to upgrade these libraries instead of patching them, as you wrote on IRC.) Thanks a lot! Ludo’.