Hi Fabio, On 12/17/21 12:21, Fabio Valentini wrote: > Hi all, > > With the recent updates to use a standalone xwayland package, the > "classic" xorg-x11-server package seems to have fallen into disrepair. > It is multiple versions behind upstream (Fedora has 1.20.11, upstream > has released 1.20.12, 1.20.13, 1.20.14, 21.1.0, 21.1.1, 21.1.2), and > has open CVE issues attached to it. > > A BugZilla query for the xorg-x11-server package reveals a worrying > state of things, with bugs not being touched in ages, and the > xgl-maint account that is the "main admin" and bugzilla assignee for > multiple xorg-related packages has a *deactivated BugZilla* account, > so NEEDINFO requests etc. don't work (no idea what else doesn't work, > I suppose maintainers won't get bug emails either, if their bugzilla > account doesn't work ...). Does it count as "non-responsive > maintainer", if the maintainer doesn't have an active BugZilla > account? :) > > I know that Wayland is the default on many Fedora Editions / Spins, > but some of us plebs still rely on X11 / X.org sessions and it would > be great to have the X server package updated. For a > security-sensitive component like the X server, this is a worrying > state of things. Thank you for pointing this out. I have it on good authority that an updated pkg for the CVE is being worked on. Note this does not takeaway that the classic Xorg server packages could definitely use some love / use some community co-maintainers. Regards, Hans _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
