Date: Mon, 5 Jul 2004 20:20:05 -0400 From: Michael Edenfield <kutulu@kutulu.org> To: ports@freebsd.org Subject: Security Flaw in xorg-client? Message-ID: <20040706002005.GA67491@wombat.jungle>
next in thread | raw e-mail | index | archive | help
--r5Pyd7+fXNt84Ff3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable My nightly security scan has been complaining lately about this: Affected package: xorg-clients-6.7.0 = =20 Type of problem: XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0. =20 1) Am I correct that this issue is related to xdm, so if I'm running a replacement and/or not running a display manager this isn't an issue? 2) Is this bug really shared by XF86 and Xorg, and the description needs updating, or is it just picking up xdm and assuming it's a broken XF86 version, or what? Thanks for your time, --Mike --r5Pyd7+fXNt84Ff3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFA6fA1fY3jRMAKmKERAs2wAJ9cG5TX6n3OxA1Z48wSy+SLSk5H4wCg3aRe CDGffmuWMTvO4SVSgZVH83o= =HQr+ -----END PGP SIGNATURE----- --r5Pyd7+fXNt84Ff3--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040706002005.GA67491>