Accepting request 1120261 from X11:XOrg

- Update to version 23.2.2 * This release contains the fix for CVE-2023-5367 and CVE-2023-5574 in today's security advisory: https://lists.x.org/archives/xorg-announce/2023-October/003430.html Xwayland does not support multiple protocol screens (Zaphod) and is thus not affected by CVE-2023-5380. * Additionally, there is a change in the default behaviour of Xwayland: Since version 23.2.0 Xwayland (via liboeffis) automatically tries to connect to the XDG Desktop Portal's RemoteDesktop interface to obtain the EI socket. That socket is used to send XTest events to the compositor. * However, the connection to the session-wide Portal is unsuitable when Xwayland is running in a nested compositor. Xwayland cannot tell whether it's running on a nested compositor and to keep backwards compatibility with Xwayland prior to 23.2.0, Xwayland must now be started with "-enable-ei-portal" to connect to the portal. * Compositors (who typically spawn Xwayland rootless) must now pass this option to get the same behaviour as 23.2.x. * Finally, Xwayland now uses libbsd-overlay instead of libbsd. OBS-URL: https://build.opensuse.org/request/show/1120261 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xwayland?expand=0&rev=25
2023-10-25 16:02:10 +00:00 · 2023-10-25 16:02:10 +00:00 · 51717ce020
commit 51717ce020
parent a0994645d7 5c74965cd2
7 changed files with 27 additions and 4 deletions
--- a/xwayland-23.2.1.tar.xz
+++ b/xwayland-23.2.1.tar.xz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:eebc2692c3aa80617d78428bc6ec7b91b254a98214d2a70e997098503cd6ef90
 size 1298128
--- a/xwayland-23.2.1.tar.xz.sig
+++ b/xwayland-23.2.1.tar.xz.sig
--- a/xwayland-23.2.2.tar.xz
+++ b/xwayland-23.2.2.tar.xz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:9f7c0938d2a41e941ffa04f99c35e5db2bcd3eec034afe8d35d5c810a22eb0a8
 size 1298400
--- a/xwayland-23.2.2.tar.xz.sig
+++ b/xwayland-23.2.2.tar.xz.sig
--- a/xwayland.changes
+++ b/xwayland.changes
@ -1,3 +1,26 @@
 -------------------------------------------------------------------
 Wed Oct 25 10:39:17 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
 - Update to version 23.2.2
  * This release contains the fix for CVE-2023-5367 and CVE-2023-5574
    in today's security advisory: 
      https://lists.x.org/archives/xorg-announce/2023-October/003430.html
    Xwayland does not support multiple protocol screens (Zaphod) and is thus
    not affected by CVE-2023-5380.
  * Additionally, there is a change in the default behaviour of Xwayland:
    Since version 23.2.0 Xwayland (via liboeffis) automatically tries to
    connect to the XDG Desktop Portal's RemoteDesktop interface to obtain
    the EI socket. That socket is used to send XTest events to the
    compositor.
  * However, the connection to the session-wide Portal is unsuitable when
    Xwayland is running in a nested compositor. Xwayland cannot tell whether
    it's running on a nested compositor and to keep backwards compatibility
    with Xwayland prior to 23.2.0, Xwayland must now be started with
    "-enable-ei-portal" to connect to the portal.
  * Compositors (who typically spawn Xwayland rootless) must now pass this
    option to get the same behaviour as 23.2.x.
  * Finally, Xwayland now uses libbsd-overlay instead of libbsd.
 -------------------------------------------------------------------
 Wed Sep 20 08:53:56 UTC 2023 - Stefan Dirsch <sndirsch@suse.com>
--- a/xwayland.keyring
+++ b/xwayland.keyring
--- a/xwayland.spec
+++ b/xwayland.spec
@ -24,7 +24,7 @@
 %endif
 Name:           xwayland
-Version:        23.2.1
+Version:        23.2.2
 Release:        0
 URL:            http://xorg.freedesktop.org
 Summary:        Xwayland Xserver