This patch-series looks straightforward, but unfortunately this is not the case, at least policy-wise.
Trying to be short. TigerVNC compiles its own Xserver, not the one from oe-core. This series: -Update xserver to latest dot release of 1.20.x series -Add patches to all outstanding CVEs that are associated with TigerVNC -There are unpatched CVEs which are not associated with TigerVNC -This xserver version is different from the one in oe-core -Complies with stable-branch policy Alternative: -Cherry-Pick some patches from master[1] -The xserver version jump would be a major one (1.20.x -> 21.x) -It would get TigerVNC's xserver in sync with oe-core's xserver -Have all known xserver fixes without carrying patches -One might argue that this ship has sailed when Scarthgap was branched off The same problem is present in Kirkstone also - whatever happens in Scarthgap will be cherry-picked in Kirkstone also. Anyone has any input on this? I'm especially hoping that some TigerVNC users will see this, but I'm happy for all feedback. Thank you [1]: https://git.openembedded.org/meta-openembedded/log/meta-oe/recipes-graphics/tigervnc - patches between 2025-11-24 and 2025-12-25 -- Gyorgy Sarvari (14): tigervnc: upgrade xorg-server component tigervnc: ignore CVE-2014-8241 tigervnc: patch CVE-2023-6377 tigervnc: patch CVE-2023-6478 tigervnc: patch CVE-2024-0408 tigervnc: patch CVE-2024-0409 tigervnc: patch CVE-2025-26594 tigervnc: patch CVE-2025-26595 tigervnc: patch CVE-2025-26596 tigervnc: patch CVE-2025-26597 tigervnc: patch CVE-2025-26598 tigervnc: patch CVE-2025-26599 tigervnc: patch CVE-2025-26600 tigervnc: patch CVE-2025-26601 .../tigervnc/files/CVE-2023-6377.patch | 80 +++++++++++ .../tigervnc/files/CVE-2023-6478.patch | 65 +++++++++ .../tigervnc/files/CVE-2024-0408.patch | 65 +++++++++ .../tigervnc/files/CVE-2024-0409.patch | 47 ++++++ .../tigervnc/files/CVE-2025-26594-1.patch | 60 ++++++++ .../tigervnc/files/CVE-2025-26594-2.patch | 53 +++++++ .../tigervnc/files/CVE-2025-26595.patch | 67 +++++++++ .../tigervnc/files/CVE-2025-26596.patch | 51 +++++++ .../tigervnc/files/CVE-2025-26597.patch | 48 +++++++ .../tigervnc/files/CVE-2025-26598.patch | 122 ++++++++++++++++ .../tigervnc/files/CVE-2025-26599-1.patch | 69 +++++++++ .../tigervnc/files/CVE-2025-26599-2.patch | 131 +++++++++++++++++ .../tigervnc/files/CVE-2025-26600.patch | 70 +++++++++ .../tigervnc/files/CVE-2025-26601-1.patch | 73 ++++++++++ .../tigervnc/files/CVE-2025-26601-2.patch | 87 ++++++++++++ .../tigervnc/files/CVE-2025-26601-3.patch | 54 +++++++ .../tigervnc/files/CVE-2025-26601-4.patch | 134 ++++++++++++++++++ .../tigervnc/tigervnc_1.11.0.bb | 27 +++- 18 files changed, 1299 insertions(+), 4 deletions(-) create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2023-6377.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2023-6478.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2024-0408.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2024-0409.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26594-1.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26594-2.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26595.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26596.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26597.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26598.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26599-1.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26599-2.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26600.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26601-1.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26601-2.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26601-3.patch create mode 100644 meta-oe/recipes-graphics/tigervnc/files/CVE-2025-26601-4.patch
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#123940): https://lists.openembedded.org/g/openembedded-devel/message/123940 Mute This Topic: https://lists.openembedded.org/mt/117487426/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
