Bump x11-servers/xorg-server to 21.1.20
AbandonedPublic
Actions

Authored by polarian_polarian.dev on Thu, Nov 20, 8:58 PM.

Details

Reviewers

None

Group Reviewers

Ports Committers
ports secteam

Summary

I have no clue how xorg-server works, however it has been vulnerable for 17 days with high severity vulnerabilities. Xorg runs with setuid so vulnerabilities within it are concerning, so I had a crack at it myself, and a simple version bump seemed to be all it needed, I am using 21.1.20 to submit this patch now, everything seems to work fine.

Fixes CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 (https://www.vuxml.org/freebsd/e99a32c8-b8e2-11f0-8510-b42e991fc52e.html)

Diff Detail

Repository

R11 FreeBSD ports repository

Lint

Lint Skipped

Unit

Tests Skipped

Event Timeline

polarian_polarian.dev requested review of this revision.Thu, Nov 20, 8:58 PM

polarian_polarian.dev created this revision.

thierry added a reviewer: ports secteam.Thu, Nov 20, 9:04 PM

Duplicate of a patch on bugzilla I seem to have missed:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290655

polarian_polarian.dev retitled this revision from Bump x11-server/xorg-server to 21.1.20 to Bump x11-servers/xorg-server to 21.1.20.Fri, Nov 21, 11:25 AM

polarian_polarian.dev edited the summary of this revision. (Show Details)Fri, Nov 21, 1:33 PM

Duplicate.