Jump to content
funtoo forums

Recommended Posts

Hi, everyone!

X.Org security update now available with version 1.19.3-r3. By default xorg-server ebuild installs the /usr/bin/Xorg binary with suid . In 1.19 it was found a regression which allowed a privilege escalation. This is now fixed with patch. More details can be found here: 

https://www.mail-archive.com/xorg-announce@lists.x.org/msg01138.html

A notice on suid USE flag. By default this USE flag is enabled and with unpatched xorg-server there is a security risk. Upstream recommendation is to disable suid USE. This can be achieved by:

echo "x11-base/xorg-server -suid" >> /etc/portage/package.use

emerge -1 xorg-server

This will work in most cases, when  login managers are used, such as GDM or similar. In case you are starting the X via xinit or startx, disable of suid USE may impact the X start. You can leave the suid USE turned on, as xorg-server has the vulnerability fix applied.

Share this post


Link to post
Share on other sites

×