Trivial Bug in X.Org Gives Root Permission on Linux

Posted: 31 Oct 2018, 18:28
by xenos
https://www.bleepingcomputer.com/news/s ... d-systems/

Is Porteus affected? And what could we do to fix this, and probably more security issues in the future?

Posted: 31 Oct 2018, 21:38
by fanthom
You need to upgrade xorg-server to version 1.20.3:
https://bugs.gentoo.org/669588#c0

Slackware current has it already:
ftp://ftp.osuosl.org/pub/slackware/slac ... ngeLog.txt

Posted: 31 Oct 2018, 21:40
by donald
IMO, not as critical as it sounds (using Porteus), but I could be wrong here.

Prerequisite for the attack is an X.org server running with setuid root.
If this is set for the X server, it can be started as a normal user,
but runs with root privileges.
An attacker also needs console access on the affected computer.
He must either be logged in with a service like SSH or locally on the computer.
With the X.org version 1.20.3 the problems were solved.

Porteus 4.0

guest@porteus:~$ ls -lh /usr/bin/Xorg
-rwxr-xr-x 1 root root 273 Dec 23  2017
...no s bit set....

BTW,
it has been present in xorg-server since version 1.19.0.
Porteus 3.2.2 has Xorg 1.18.3... :)
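
The two conditions discussed in this thread (setuid root on the X server binary, and an xorg-server version from 1.19.0 up to but not including 1.20.3) can be checked together. The script below is an added example, not part of any post above; its function names and verdict strings are made up for illustration, and it assumes the path given is the real server binary rather than a wrapper script and that the version string is plain `MAJOR.MINOR.PATCH`.

```shell
#!/bin/sh
# Added example, not from the thread. Thresholds come from the posts above:
# bug present since xorg-server 1.19.0, fixed in 1.20.3, needs setuid root.

# ver_to_int MAJOR.MINOR.PATCH -> one comparable integer.
# Assumption: plain numeric fields below 1000, no suffixes or leading zeros.
ver_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ${1:-0} * 1000000 + ${2:-0} * 1000 + ${3:-0} ))
}

# version_affected VERSION: true when 1.19.0 <= VERSION < 1.20.3.
version_affected() {
    v=$(ver_to_int "$1")
    [ "$v" -ge "$(ver_to_int 1.19.0)" ] && [ "$v" -lt "$(ver_to_int 1.20.3)" ]
}

# is_setuid_root PATH: true when PATH has the setuid bit and is owned by uid 0.
is_setuid_root() {
    [ -u "$1" ] || return 1
    owner=$(ls -ldn -- "$1" | awk '{print $3}')
    [ "$owner" = 0 ]
}

# xorg_status PATH VERSION: prints one verdict word for the pair.
xorg_status() {
    if ! version_affected "$2"; then
        echo "version-not-affected"
    elif ! is_setuid_root "$1"; then
        echo "affected-version-no-setuid"
    else
        echo "exposed"
    fi
}

# Stand-alone use: sh xorg_check.sh /usr/bin/Xorg 1.20.1
if [ "$#" -eq 2 ]; then
    xorg_status "$1" "$2"
fi
```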