X.Org & XWayland Hit By Four Security Issues
Open link in next tab
https://lists.x.org/archives/xorg/2024-April/061615.html
https://lists.x.org/archives/xorg/2024-April/061615.html
My understanding is that all issues are patched in the mentioned releases, the config flag is not needed for that.
The config flag has been added because supporting clients with different endianness is undertested and most people will never use it. So if it is going to generate vulnerabilities, it makes sense to be able to disable it easily, and to disable it by default on next major release. Indeed XWayland had it disabled by default already, so only the fourth issue (ProcRenderAddGlyphs
) is relevant there if that default is not changed.