Xorg security issue permissions?

[nooby]

I know too little. Read this one and try to get what it is all about.

http://www.pacman.linuxd.org/

These days were discovered two big security issues in X.org
witch is common almost in all distributions witch are focused
on desktop usage.

User can set up permissions of any file or directory
to "all read" attributes, witch is a reall issue.

So all users should upgrade to latest packages (our rc.updater
will handle this it is not disabled.

But this is also very important step in any other distribution,
so if you are affected you should upgrade at least xorg server
and libXfont. Author: tomo ,
2011-10-23

So what is it he says? I am a noob but he do say it is important.
Does it affect Puppy?

[nooby]

is not this a concern for Puppy?

[Karl Godt]

I know too little , too .

The only thing i know , that i had Xorg xserver-1.3.0 [re-]compiled to test the many alternative kdrives , which includes the Xvesa and Xvb srerver .

The xwin scripts mentions some more , some i have never had known before , me thinking very old [ pre 2005 or pre Puppy 4 series in this case ] .

Any user can set permissions to whatever value with sudo and su root .

Reading anything does not seem to be a major security risk in comparison to stability of the OperatingSystem .

Reading the keystrokes if some [pinstall.sh to /etc/rc.d/local]
program lauches the evbug.ko driver for example and submiting them via the browser somewhere
may be meant by the author .

The puppy standard kernel :
# grep -i evbug /etc/modules/*
/etc/modules/DOTconfig-2.6.39.4:# CONFIG_INPUT_EVBUG is not set

has evbug not enabled , but there may be some Xorg drivers like
/usr[/X11R7]/lib/xorg/modules/input/evdev_drv.so
being capable of this .

I am running my own Xvesa-1.3.0 @Racy-099 ATM and am happy with Xvesa, too .