Announcement

Collapse
No announcement yet.

XWayland & X.Org Server See New Releases Due To Three More Security Vulnerabilities

Collapse
X
Collapse
 
  • Page of 5
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 5 template Next
  • #31
    Originally posted by JackLilhammers View Post

    As eager I am to move to Wayland, it sucks way more not having all the needed features, like AnyDesk and TeamViewer support!
    (and this is true also for all the many use cases other people come up with, even kind of niche ones)
    Maybe it's time to ask the developers of those programs to stop monkeying around and support Linux properly, which includes Wayland support.
    If OBS Studio, Firefox, Chromium can ask the permission to capture the screen, I'm sure other programs can do it too, if their developers support Wayland properly.
    • Likes 3

    Comment

    • #32
      Originally posted by Sethox View Post

      As soon as you plug into the internet or allow rules into your computer from your firewall you put your computer in the danger zone, that's the basic assumption of the internet. Everything else is just to minimize the security issues that follows by the basic assumptions (as it doesn't outright removes the danger).
      In any case, I'm not that concerned with vulnerabilities. It's similar to leaving the Cisco XE web interface out in the open to the Internet and there will always be vulnerabilities no matter how strong the username and password is. You should always use VPN whenever possible. It's the same with leaving an X11 server exposed to the Internet.

      Comment

      • #33
        Originally posted by andyprough View Post
        Xorg sure has been getting a lot of security releases and new feature releases lately for such a "dead" project with "no developers".
        xserver 21.1.9 was released 7 months after .8. Apart from the security fixes which triggered the .9 release (who knows when it would have happened otherwise, if at all), it contains a whopping two minor changes (one of which was previously released in Xwayland 23.1.0 7 months ago, i.e. around the same time as xserver 21.1.8). All changes in .9 are in DIX code, which is used by all other DDXen as well, and whose development is mainly driven by Xwayland these days. The last changes to Xorg specific code were in xserver 21.1.4, released over a year ago.

        This is pretty much as dead as it gets.

        Comment

        • #34
          Originally posted by Grinness View Post
          you missing the key point: the linux kernel is actively developed and maintained.
          X11 is not, all the X11 developers moved to Wayland.
          Must be why these vulnerabilities are exposed and fixed. I guess they fix themselves, no maintainers needed.

          2 of those are niche btw (read their fucking mailing list), and don't even affect XWayland, only the first one does. So extremely unlikely to ever be found in the wild. Yet they were still fixed. Get fucked.

          Originally posted by Grinness View Post
          Do all of us a favor and use the C64.. and do not connect it to the internet
          That's actually Crapland considering it removes everything useful "in the name of paranoia". So get off the internet, then you're fully secure.

          I don't give a shit if I'm exposed.

          Comment

          • #35
            Originally posted by MrCooper View Post

            xserver 21.1.9 was released 7 months after .8. Apart from the security fixes which triggered the .9 release (who knows when it would have happened otherwise, if at all), it contains a whopping two minor changes (one of which was previously released in Xwayland 23.1.0 7 months ago, i.e. around the same time as xserver 21.1.8). All changes in .9 are in DIX code, which is used by all other DDXen as well, and whose development is mainly driven by Xwayland these days. The last changes to Xorg specific code were in xserver 21.1.4, released over a year ago.

            This is pretty much as dead as it gets.
            First of all, 6 point releases in the past 15 months including numerous security fixes is not dead by any standard whatsoever.

            Secondly, I ask again - why are you cheerleading the death of a project that's needed by the 2/3 of GNU/Linux users who do not use Gnome or KDE or a couple of wonky Wayland window managers? And the remaining 1/3 who do use Gnome or KDE still don't have anywhere close to 100% Wayland adoption. Xorg is going to be extremely important for many years to come for a huge percentage of users who for good reasons do not desire to move to a resource hog of a desktop environment or to an incomplete window manager. It's a betrayal of the larger GNU/Linux community to desire for them to be pushed out of the use of their OS.

            Comment

            • #36
              Originally posted by Veto View Post

              And what jokes did I now tell?!? And what other person did I discuss?

              You acuse me of a lot, but seem to be arguing with some complete other person. Please take a deep breath and keep the discussion factual...
              avis (birdie) is known for being like that. Goes full war mode once somebody counters his argument.
              • Likes 1

              Comment

              • #37
                Originally posted by tildearrow View Post

                avis (birdie) is known for being like that. Goes full war mode once somebody counters his argument.
                Ahh. Got it. Thanks! Have a nice day 👍

                Comment

                • #38
                  Originally posted by andyprough View Post

                  why are you cheerleading the death
                  I'm not. I'm just pointing out the fact that Xorg upstream is dead, Jim. Unless somebody steps up big time, the only way for it to go is down.

                  the 2/3 of GNU/Linux users who do not use Gnome or KDE
                  According to https://www.gamingonlinux.com/index....nvironment-top 2/3 of Linux gamers are using GNOME or KDE, with an upward trend. I'd expect the percentage to be higher among the general population.

                  Comment

                  • #39
                    Originally posted by Danny3 View Post

                    Maybe it's time to ask the developers of those programs to stop monkeying around and support Linux properly, which includes Wayland support.
                    If OBS Studio, Firefox, Chromium can ask the permission to capture the screen, I'm sure other programs can do it too, if their developers support Wayland properly.
                    With all due respect, maybe I've more important things to do.
                    Like working on actual features that matter to the users of the product I'm managing.

                    Here we are quite tech-savvy, but most people aren't and don't really know, let alone care, about the transition from Xorg to Wayland.
                    We'll switch when it's seamless

                    Comment

                    • #40
                      Originally posted by MrCooper View Post
                      2/3 of Linux gamers are using GNOME or KDE
                      You're taking a statistic from 2,000 GNU/Linux gamer profiles on a gamer website to represent all GNU/Linux users? How very scientific.

                      You do realize that the likely reason KDE is number one in that poll is because it's the default on the Steamdeck, don't you? These numbers have absolutely nothing to do with general GNU/Linux usage.

                      Comment

                      Previous 1 2 3 4 5 template Next
                      Working...
                      X