X.Org News Archives

Xcompmgr 1.1.10 was released yesterday as the newest update to this basic X11 compositor providing "eye candy" effects for classic X.Org usage.

CVE-2024-9632 was made public today as the latest security vulnerability affecting the X.Org Server. The CVE-2024-9632 security issue has been present in the codebase now for 18 years and can lead to local privilege escalation.

It's taken until now to add FreeBSD to the X.Org Continuous Integration (CI) automated testing so that all proposed changes to the X.Org Server can now be build-tested on FreeBSD rather than just Linux.

Alan Coopersmith of Oracle -- thanks to his work on Solaris and maintaining the X11 support -- continues to be one of the few developers left managing new X.Org software component releases. This weekend Coopersmith released libX11 1.8.10 as the newest version of this client-side library for the core X11 protocol.

Coming just a day after posting a big set of patches for improving VRR display support under the X.Org Server, Enrico Weigelt today announced the release of the X.Org Testing Ground v0.0.4 software that now supports OpenIndiana / Illumos (OpenSolaris) in addition to its Linux and BSD platform support.

Open-source developer Enrico Weigelt has in recent months taken to near single-handedly maintain and further enhance the aging X.Org Server codebase. The latest area that Weigelt has been working to improve is around the X.Org Server's Variable Refresh Rate (VRR) support.

Last week marked the inaugural release of the X.Org Testing Ground Toolkit to make it easier to compile the X.Org Server. That v0.0.1 release was limited to supporting Debian/Apt-based Linux distributions while now this helper toolkit has been extended to support FreeBSD and NetBSD too.

While the upstream X.Org Server development remains slow with most of the large vendors treating it in maintenance mode and not investing in new features, open-source developer Enrico Weigelt has been one of the few still working to improve the X.Org Server. As part of his work besides pushing new patches and testing of the latest X.Org Server Git state, today he announced the release of the X.Org Testing Ground Toolkit v0.0.1 as a means to help in facilitate testing of the latest X.Org Server Git by making it easier to build it.

While on Linux the desktop environments, graphics stack, and other application software is steadily adopting Wayland support and focusing less on X11/X.Org support, the state of Wayland support and the open-source graphics driver stack in general is less robust among the BSDs. The NetBSD project published a status report around their ongoing dependence and modifications to their X.Org stack.

Longtime X.Org maintainer Alan Coopersmith with Oracle released a new version of xconsole, the program that displays an X11 window containing the messages sent to /dev/console. This xconsole 1.1 release comes 18 years after the xconsole 1.0 release.

For those trying to use the X.Org Server's GLAMOR accelerated 2D rendering on legacy/obsolete GPUs, there's now a fallback in place to allow software rendering to work when encountering crippled hardware.

One year in the making, NVIDIA's code for explicit GPU synchronization in XWayland along with the X.Org Server DRI3 and Present extensions has now been merged! This is a big culmination of all the recent work around Wayland explicit synchronization and notably takes care of a number of NVIDIA driver problems on Wayland in the process.

Last year the X.Org Server disabled byte-swapped clients by default over being a large and known attack surface within the X.Org/XWayland codebase. That's proven itself to further be the case with 3 of 4 new CVEs made public today being around the byte-swapped code.

The X.Org Foundation's elections for the Board of Directors have been delayed as there weren't enough participants nominated for the available seats to hold an election.

There are still no signs of a new X.Org Server feature release coming in the near-term with most of the major stakeholders divesting from the xorg-server besides the XWayland portion of the code-base. But for those interested in the past few days there have been some NetBSD/OpenBSD build fixes to the X.Org Server as well as clearing out some remnants of old compiler support.

It was in 2013 a security researcher called the X.Org Server security state "worse than it looks" and quite a disaster from the security/bug perspective for the aging codebase. A decade later there's still no shortage of security vulnerabilities being uncovered within the X.Org Server.

A change merged to the X.Org Server Git for the generic xf86-video-modesetting DDX driver is helping conserve some power consumption at least for Intel graphics by determining the optimal hardware cursor size.

The X.Org Server doesn't see much in the way of feature work these days with Red Hat and others divesting from classic X.Org/X11 sessions. But there continues to be new point releases of the X.Org Server and the XWayland code due to long-standing security issues within the X.Org codebase. New point releases were out last night due to two CVEs for bugs dating back to 2007 and 2009.

Red Hat has formally confirmed what many were thinking: Red Hat Enterprise Linux 10 will be doing away with X.Org Server support aside from XWayland.

Luc Verhaegen has announced the return of the Graphics DevRoom for FOSDEM 2024 taking place in early February in Brussels.

XWayland has added a new "-glamor" command-line argument to allow specifically choosing between OpenGL or OpenGL ES use for acceleration.

The X.Org Server and XWayland saw new point releases today as a result of three more security vulnerabilities being disclosed.

It was a decade ago that a security researcher commented on X.Org Server security being even "worse than it looks" and that the GLX code for example was "80,000 lines of sheer terror" and hundreds of bugs being uncovered throughout the codebase. In 2023 new X.Org security vulnerabilities continue to be uncovered, two of which were made public today and date back to X11R2 code from the year 1988.

The xf86-video-siliconmotion X.Org driver has seen its first new release in six years for supporting the Silicon Motion Lynx and Cougar chipsets found in vintage laptops.

There's just under one month to go now until the X.Org Developers' Conference (XDC) returns to A Coruña, Spain for the annual development conference focused on open-source graphics drivers (Mesa), Wayland, and related Linux display/graphics infrastructure although the X.Org Server itself hasn't received much attention in recent years. Here's a look at some of the planned talks for the exciting XDC 2023.

The second release candidate of XWayland 23.2 is now available that restores an earlier performance optimization around depth 24 windows.

The most popular topic among the emails I received this weekend weren't of direct technical nature but the number of people pointing out Twitter's new "X" logo and the similarities to the X.Org logo.

The release candidate is out today for XWayland 23.2 as the next update for this code that allows for X11 clients to function within Wayland environments.

X.Org members have approved of the X.Org Foundation letting the Software Freedom Conservancy (SFC) become its fiscal sponsor.

The xf86-video-ati 22.0 driver has been released as a rare update to this X.Org DDX driver used by older pre-GCN ATI/AMD Radeon graphics cards.

In clearing up the state of various X.Org packages that have been effectively unmaintained for years, an attempt is being made to better communicate the status of some "retired" X.Org packages that Linux distributions should work towards removing as they are no longer being maintained.

Longtime X.Org release wrangler Alan Coopersmith at Oracle spent some of his Easter working out new releases of seldom-touched X.Org graphics/display drivers.

Peter Hutterer, Red Hat's leading Linux input expert, today released xf86-input-libinput 1.3 as the newest version of this X.Org Server driver for making use of libinput in an X.Org Server world.

For over a decade now the X.Org Server has been seeing routine security disclosures in its massive codebase with some security researchers saying it's even worse than it looks and security researchers frequently finding multiple vulnerabilities at a time in the large and aging code-base that these days rarely sees new feature work. Today another disclosure was made by the folks with the Trend Micro Zero Day Initiative.

While XWayland is in fairly good shape for enjoying both native and emulated games relying on X11 to run atop Wayland compositors for Linux gaming, occasionally different peculiar issues are uncovered. The most recent issue analyzed and addressed in XWayland Git is over the game Resident Evil 6 causing XWayland to hang and consume 100% of the CPU resources on launching that title.

The X.Org Board of Directors has delayed their election process by two weeks in hopes of having more candidates nominated to run for the board as currently they do not have enough candidates to start an election.

A few months back the generic xf86-video-modesetting X.Org driver added TearFree page-flipping support. The option eliminates screen tearing without the use of a compositor and was seen as a win by many for this generic DDX driver that works atop the modern DRM/KMS kernel drivers. But a rather annoying issue was discovered that could lead to audio/video synchronization problems was uncovered and is now fixed in the latest driver code.

A week after seeing X.Org display driver updates for old Trident and S3 Graphics hardware, a new release of xf86-video-ark is now available that provides the open-source UMS display driver support for old ARK Logic hardware. ARK Logic only lasted through the 1990's as a purveyor of PCI video cards.

New releases of the xf86-video-trident and xf86-video-s3virge X.Org drivers are now available for those still rocking out to old Trident and S3 graphics hardware.

Back in 2018 the X.Org Developers Conference (XDC) was hosted in A Coruña, Spain by Igalia developers and for XDC2023 it's again returning.

The X.Org Server keeps on giving when it comes to security vulnerabilities with its massive, aging, and ill-maintained code-base. Disclosed on Monday night was CVE-2023-0494 as the latest security advisory and another discovery by the Trend Micro Zero Day Initiative.

In marking ten years since the prior release, Xvidtune 1.0.4 was released on Saturday with all the patches that have buult up over the past decade.

Red Hat's Peter Hutterer has released new versions of the xf86-video-qxl and xf86-video-vmware DDX drivers for those making use of these X.Org drivers in virtualized environments.

NVIDIA engineer Austin Shafer has contributed linux_dmabuf v4 feedback protocol support for upstream XWayland. This is working towards allowing scan-out modifiers that a compositor advertises to be delivered to X11 applications under (X)Wayland.

Stemming from the X.Org Server change to no longer allow byte-swapped clients by default due to the feature being rarely used but of significant security concerns with being a large attack surface, GNOME's Mutter compositor has added optional support for being able to enable byte-swapped XWayland clients.

Following the recent discussions around Fedora planning to disable byte swapped clients support for the X.Org Server in order to close another "large attack surface" with the aging X11 server codebase, the upstream X.Org Server has now dropped this support by default.

It shouldn't be news to you that most of the corporate-backed developers working on the Linux desktop are no longer investing in new feature work around the X.Org Server and have shifted their efforts to a Wayland-focused environment moving forward. In looking at the Git statistics for the X.Org Server over the course of 2022 it shows how the development has pulled back dramatically and now at a two decade low for the commits and code changes.

The xf86-video-modesetting work covered a month ago over "TearFree" page flipping support has been merged to the X.Org Server for whenever the next release ends up happening.

The X.Org Server and XWayland have new releases out ahead of the holidays, but it's not for Christmas feature releases and instead for fixing a number of new security issues.

While X.Org Katamari releases are no longer being organized to bundle up all of the different X11 software components behind one version number and some X.Org software pieces are seeing very seldom updates every number of years, this past week has seen twenty new X.Org software releases.