debian/changelog | 4 ++++
debian/xserver-xorg-core.NEWS | 15 +++++++++++++++
2 files changed, 19 insertions(+)
New commits:
commit f8dd68af0467aa8a7fe6ec85c7f15c54418dcfb4
Author: Julien Cristau <jcris...@debian.org>
Date: Wed Oct 14 14:57:09 2015 +0200
Add NEWS file for xserver-xorg-core with info about the -legacy split.
diff --git a/debian/changelog b/debian/changelog
index e4e2a28..4d19572 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,12 @@
xorg-server (2:1.17.2-4) UNRELEASED; urgency=medium
+ [ Andreas Boll ]
* Use the correct repository for the Vcs-Git field (Closes: #801340).
Thanks, Vagrant Cascadian.
+ [ Julien Cristau ]
+ * Add NEWS file for xserver-xorg-core with info about the -legacy split.
+
-- Andreas Boll <andreas.boll....@gmail.com> Thu, 08 Oct 2015 21:29:12 +0200
xorg-server (2:1.17.2-3) unstable; urgency=medium
diff --git a/debian/xserver-xorg-core.NEWS b/debian/xserver-xorg-core.NEWS
new file mode 100644
index 0000000..2080e43
--- /dev/null
+++ b/debian/xserver-xorg-core.NEWS
@@ -0,0 +1,15 @@
+xorg-server (2:1.17.2-4) UNRELEASED; urgency=medium
+
+ The Xorg server is no longer setuid root by default. This change reduces the
+ risk of privilege escalation due to X server bugs, but has some side effects:
+
+ * it relies on logind and libpam-systemd
+ * it relies on a kernel video driver (so the userspace component doesn't
+ touch the hardware directly)
+ * it needs X to run on the virtual console (VT) it was started from
+
+ On systems where those are not available, the new xserver-xorg-legacy package
+ is needed to allow X to run with elevated privileges. See the
+ Xwrapper.config(5) manual page for configuration details.
+
+ -- Julien Cristau <jcris...@debian.org> Wed, 14 Oct 2015 14:12:43 +0200
