Date: Mon, 5 Jul 2004 20:20:05 -0400 From: Michael Edenfield <kutulu@kutulu.org> To: ports@freebsd.org Subject: Security Flaw in xorg-client? Message-ID: <20040706002005.GA67491@wombat.jungle>
next in thread | raw e-mail | index | archive | help
--r5Pyd7+fXNt84Ff3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
My nightly security scan has been complaining lately about this:
Affected package: xorg-clients-6.7.0 =
=20
Type of problem: XFree86 opens a chooserFd TCP socket even when
DisplayManager.requestPort is 0. =20
1) Am I correct that this issue is related to xdm, so if I'm running a
replacement and/or not running a display manager this isn't an issue?
2) Is this bug really shared by XF86 and Xorg, and the description needs
updating, or is it just picking up xdm and assuming it's a broken XF86
version, or what?
Thanks for your time,
--Mike
--r5Pyd7+fXNt84Ff3
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)
iD8DBQFA6fA1fY3jRMAKmKERAs2wAJ9cG5TX6n3OxA1Z48wSy+SLSk5H4wCg3aRe
CDGffmuWMTvO4SVSgZVH83o=
=HQr+
-----END PGP SIGNATURE-----
--r5Pyd7+fXNt84Ff3--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040706002005.GA67491>