Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted xorg-server 2:21.1.7-3+deb12u5 (source) into proposed-updates
Date: Sun, 28 Jan 2024 19:49:00 +0000
Signed by: Salvatore Bonaccorso <carnil@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 22 Jan 2024 07:19:15 +0100
Source: xorg-server
Architecture: source
Version: 2:21.1.7-3+deb12u5
Distribution: bookworm-security
Urgency: high
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Changes:
 xorg-server (2:21.1.7-3+deb12u5) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Xi: require a pointer and keyboard device for XIAttachToMaster
   * dix: allocate enough space for logical button maps (CVE-2023-6816)
   * dix: Allocate sufficient xEvents for our DeviceStateNotify (CVE-2024-0229)
   * dix: fix DeviceStateNotify event calculation (CVE-2024-0229)
   * Xi: when creating a new ButtonClass, set the number of buttons
     (CVE-2024-0229)
   * Xi: flush hierarchy events after adding/removing master devices
     (CVE-2024-21885)
   * Xi: do not keep linked list pointer during recursion (CVE-2024-21886)
   * dix: when disabling a master, float disabled slaved devices too
     (CVE-2024-21886)
   * ephyr,xwayland: Use the proper private key for cursor
   * glx: Call XACE hooks on the GLX buffer
   * dix: Fix use after free in input device shutdown
Checksums-Sha1: 
 83567a6a6518eecf3e77d233f2313bedaf106086 4394 xorg-server_21.1.7-3+deb12u5.dsc
 1b0d20ab3f0f9d105bb43c25e2711bafda4ff64d 181884 xorg-server_21.1.7-3+deb12u5.diff.gz
Checksums-Sha256: 
 5673a300fcf497134429c9a903c81f16b1d9bb516a8189714bd2bb2be1ad0ff4 4394 xorg-server_21.1.7-3+deb12u5.dsc
 bfdd5d50b2aacb667e03040d0c26ad43f2272212bf5c9866f94e3d37a3634ed1 181884 xorg-server_21.1.7-3+deb12u5.diff.gz
Files: 
 a28b153a10fc0aa491a2f96e954ed832 4394 x11 optional xorg-server_21.1.7-3+deb12u5.dsc
 34a622f076c83f981c892b8aa02fa018 181884 x11 optional xorg-server_21.1.7-3+deb12u5.diff.gz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmWuDCVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ETewP/iIj76kQ8vCfOOtXfnZ0sWsHJ/ir1e7o
lkNcy0M+lKVhiKSL6qqWYkW+wqho09Q8SZCkxkV6hCavLaHHwI1xXtRYUtVk8Dbo
5EE0HFaEP8Ub9xfax72LgSQFeU2RsxpS+Bnd/LkgXYdHLKesxFIVI86+lx/Nhix6
5myQA0s1BkOtaZ4iuCO2SnIa+ZYZvPpQ/CI5MvZuRM9IvE8EWVfyd9tVj+oh0DA7
4UQd27qqrdu33TO/E6IrY1oyVZ9xx/KF58xFqbTFKNbWouUDJdlpnqiRHfElsyWv
iCzzpwAVOBdxKuokn66zPRVKPoZX4FwtvTWAijkuds9TmxFJ14V553E2oWfCNrYz
m6zhAZ35O3Vvpq4vKmGVbgHLwodmqncbClK+C5ZyvYLfmq1D43RBtIaYesNEOXcd
qSFqWSYJAUkZU8tX/ZPIHpJQim6x+ckpuUJ9JZyoEXLnyjzcHBo8QNwTkHhwgQ6e
aqHn8/gdhiDEMA4zssWQZGNbYYh8NlJXGXX0+iSpTzioQjNpnd772E5z10DPNVtT
/EhvaY6JsJzYRzRB6z6OZEWGgdabWneawIIZJwLTih3p/0wiph5tnOlpS3W/tPT4
EZlUlTUXSO259qaKeAnbq5fTsLceh8oR6IFCqkIjwp6eCVWqnMvZcLQO9JFpxmYz
JZirzxKubMOa
=/KOW
-----END PGP SIGNATURE-----

News for package xorg-server