diff mbox series

[5/5] xserver-xorg: disable xvfb by default

Message ID 20240122140406.3837333-5-ross.burton@arm.com
State Accepted, archived
Commit bfbcb28f032b2609f0cd15df70f35353adf326e5
Headers show
Series [1/5] cve_check: handle CVE_STATUS being set to the empty string | expand

Commit Message

Ross Burton Jan. 22, 2024, 2:04 p.m. UTC 
From: Ross Burton <ross.burton@arm.com>

xvfb has limited use, so to mitigate CVE-2023-5574 out of the box we can
disable the xvfb PACKAGECONFIG.

Signed-off-by: Ross Burton <ross.burton@arm.com>
---
 meta/recipes-graphics/xorg-xserver/xserver-xorg.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
index 5a0fceea865..22f7d9a8adc 100644
--- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc
@@ -122,7 +122,7 @@  EXTRA_OEMESON += " \
 "
 
 OPENGL_PKGCONFIGS = "dri glx glamor dri3"
-PACKAGECONFIG ??= "dga dri2 udev xvfb ${XORG_CRYPTO} \
+PACKAGECONFIG ??= "dga dri2 udev ${XORG_CRYPTO} \
                    ${@bb.utils.contains('DISTRO_FEATURES', 'opengl', '${OPENGL_PKGCONFIGS}', '', d)} \
                    ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd-logind', '', d)} \
 "