Announcement

Collapse
No announcement yet.

The XMir Security Issue Should Now Be Resolved

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • The XMir Security Issue Should Now Be Resolved

    Phoronix: The XMir Security Issue Should Now Be Resolved

    Yesterday we passed along news of an XMir security issue where using Canonical's X11 transition layer in communicating with the Mir display server, when performing a VT switch the XMir session can still read input from devices. Fortunately, this issue looks to now be resolved...

    http://www.phoronix.com/vr.php?view=MTQ0Mzg

  • #2
    Originally posted by phoronix View Post
    Phoronix: The XMir Security Issue Should Now Be Resolved

    Yesterday we passed along news of an XMir security issue where using Canonical's X11 transition layer in communicating with the Mir display server, when performing a VT switch the XMir session can still read input from devices. Fortunately, this issue looks to now be resolved...

    http://www.phoronix.com/vr.php?view=MTQ0Mzg
    "Should Be Resolved" but any ways, it was good you posted the, Article on XMir security issue's keep them coming to let users know a head of time it was shame they did not have a huge hole like this in there wiki or letting the users know a head of time

    well the Unity Lens AD's has porn in it too but oh well any one know if they fixed it?
    http://mindaict.blogspot.com/2012/09...l#.UhfY-6yP-PI

    Comment


    • #3
      If you were looking for porn, then one would call that a feature (shifty eyes).

      There is a built in way to turn amazon search off, btw.

      Comment


      • #4
        what the problem?

        Originally posted by LinuxGamer View Post
        "Should Be Resolved" but any ways, it was good you posted the, Article on XMir security issue's keep them coming to let users know a head of time it was shame they did not have a huge hole like this in there wiki or letting the users know a head of time

        well the Unity Lens AD's has porn in it too but oh well any one know if they fixed it?
        http://mindaict.blogspot.com/2012/09...l#.UhfY-6yP-PI
        you don t see porno when you are a child? lol

        ppl try everything, go out and live your life and stop with stupid things

        Comment


        • #5
          Originally posted by Andrecorreia View Post
          you don t see porno when you are a child? lol

          ppl try everything, go out and live your life and stop with stupid things
          Weren't you supposed to leave Phoronix forever, because Michael said it was good news Xubuntu won't use XMir on 13.10?

          Comment


          • #6
            [QUOTE=LinuxGamer;352835]"Should Be Resolved" but any ways, it was good you posted the, Article on XMir security issue's keep them coming to let users know a head of time it was shame they did not have a huge hole like this in there wiki or letting the users know a head of time

            --snip

            This software is not currently enabled in any distributed version of Ubuntu. So no. Its not a "shame" Is it a shame that the CONFIG_PERF_EVENTS MASSIVE hole was left in the Linux kernel for 2 whole years and distributed to world+dog and when they supposedly "patched" the gaping hole 4 months ago they failed to mention the criticality of this bug? is that a "shame"?

            Comment


            • #7
              This is still broken as of revision 1007, presumably because corresponding code needs to land in Xmir.

              Comment


              • #8
                Originally posted by mjg59 View Post
                This is still broken as of revision 1007, presumably because corresponding code needs to land in Xmir.
                Wait at least a few days, it's probably in the staging PPA right now.

                Comment


                • #9
                  Originally posted by mrugiero View Post
                  Wait at least a few days, it's probably in the staging PPA right now.
                  What is? The commit Michael references as fixing the problem is in the Mir libraries that I'm running.

                  Comment


                  • #10
                    Originally posted by mjg59 View Post
                    What is? The commit Michael references as fixing the problem is in the Mir libraries that I'm running.
                    Oh. I thought it was just released. They did that with the cursor fix.

                    Comment

                    Working...
                    X