-
xorg-server (2:1.20.11-1+deb11u6) bullseye-security; urgency=high
* composite: Fix use-after-free of the COW (CVE-2023-1393)
-- Julien Cristau <email address hidden> Thu, 23 Mar 2023 11:25:56 +0100
-
xorg-server (2:1.20.11-1+deb11u3) bullseye-security; urgency=medium
* xkb: proof GetCountedString against request length attacks (CVE-2022-3550)
* xkb: fix some possible memleaks in XkbGetKbdByName (CVE-2022-3551)
-- Emilio Pozuelo Monfort <email address hidden> Fri, 11 Nov 2022 13:37:52 +0100
-
xorg-server (2:1.20.11-1+deb11u2) bullseye-security; urgency=medium
* xkb: add request length validation for XkbSetGeometry (CVE-2022-2319)
* xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck (CVE-2022-2320)
* Closes: #1014903.
-- Emilio Pozuelo Monfort <email address hidden> Fri, 05 Aug 2022 10:00:36 +0200
-
xorg-server (2:1.20.11-1+deb11u1) bullseye-security; urgency=high
* Team upload.
* record: Fix out of bounds access in SwapCreateRegister() [CVE-2021-4011]
* xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() [CVE-2021-4009]
* Xext: Fix out of bounds access in SProcScreenSaverSuspend() [CVE-2021-4010]
* render: Fix out of bounds access in SProcRenderCompositeGlyphs() [CVE-2021-4008]
-- Julien Cristau <email address hidden> Thu, 16 Dec 2021 18:08:23 +0100
-
xorg-server (2:1.20.11-1) unstable; urgency=medium
* New upstream release.
- CVE-2021-3472
* Add signing key for Matt Turner.
-- Timo Aaltonen <email address hidden> Tue, 13 Apr 2021 19:07:31 +0300