-------- Forwarded Message -------- > Oddi wrth: Matthieu Herrb <matthieu.herrb@laas.fr> > Ateb-I: Discuss issues related to the xorg tree > <xorg@lists.freedesktop.org> > I: Discuss issues related to the xorg tree > <xorg@lists.freedesktop.org> > Pwnc: Re: Updated 6.9/7.0 schedule and release plan > Dyddiad: Sat, 27 Aug 2005 22:06:40 +0200 > > Kevin E Martin wrote: > > Note that RC1 is intended to be a full release candidate, which means it > > is something that we would consider putting into production. After RC1, > > we will only be working on bug fixes for both the monolithic and modular > > trees. In order to reach that point, we need to complete the following: > > > > - Modularization work complete > > - EXA drivers to be supported in initial release complete > > - Fix as many bugs as possible > > The new malloc in OpenBSD has exposed 4 or 5 bugs in the existing code > (they were found in 6.8.2, but all are still present in the cvs HEAD > branch). They are mostly of 2 kinds: one byte read overflow at the end > of a pixmap or a simirar structure and access to memory that was > free()d. Even if other systems are not hurt as badly as OpenBSD 3.8 will > by these bugs, it would be good to have fix for them. > > These are bugzilla #3822, 4168, 4243 and 4247, plus one that was found > more recenty by Mark Kettenis but that he did not yet enter into bugzilla. > > > - Supported platforms building and running > > - Test infrastructure in place > > - Tinderboxes running on supported platforms > > > > We will update this list and break it down in detail on the release plan > > page as needed. > > > > In order to determine which platforms will be supported in the initial > > modular release, we would like to hear from everyone who is in the > > process of adding support for their platform and/or plans to have their > > platform building and running before RC1 is created (i.e., in the next > > few weeks). Currently, we know of: > > > > - Linux (x86, amd64, ia64, ppc, sparc) > > - Solaris (x86, amd64, sparc) > > > > Please add your name and OS/arch to the list above if you will have your > > platform supported in RC1. > > I'm working on getting OpenBSD (x86 and amd64 for now, sparc64 and alpha > if time permits) working. Unfortunatly the current schedule interferes > with other issues I've to deal with and I can't make promises that the > modulararized tree will support those in time. I prefer to focus on the > monolithic tree, which is easier to me, especially wrt existing bugs.
More info from Red Hat: I asked our X developers to take a look at these, they said that these issues are illegal memory reads, which should not allow privilege escalation.
So these would be Local DoS ? Or even just DoS-myself ?
Local users can bring down X. Woohoo. Let the fix filter from upstream normal releases...