Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted xorg-server 2:1.20.11-1+deb11u16 (source) into oldstable-security
Date: Wed, 25 Jun 2025 09:00:33 +0000
Signed by: Emilio Pozuelo Monfort <pochu@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 25 Jun 2025 09:40:33 +0200
Source: xorg-server
Architecture: source
Version: 2:1.20.11-1+deb11u16
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian X Strike Force <debian-x@lists.debian.org>
Changed-By: Emilio Pozuelo Monfort <pochu@debian.org>
Changes:
 xorg-server (2:1.20.11-1+deb11u16) bullseye-security; urgency=medium
 .
   * CVE-2025-49175: render: Avoid 0 or less animated cursors
   * CVE-2025-49176: os: Do not overflow the integer size with BigRequest
   * CVE-2025-49178: os: Account for bytes to ignore when sharing input buffer
   * CVE-2025-49179: record: Check for overflow in RecordSanityCheckRegisterClients
   * CVE-2025-49180: randr: Check for overflow in RRChangeProviderProperty
   * CVE-2025-49180: xfree86: Check for RandR provider functions
Checksums-Sha1:
 11e89f506c447436e4442d2aef126f4e969760ee 4502 xorg-server_1.20.11-1+deb11u16.dsc
 470731401c0c828f603b6ac5b92799483bd12eff 9414572 xorg-server_1.20.11.orig.tar.gz
 6ad7106cc0100c9ace53aa17f439936f1f181f6a 618 xorg-server_1.20.11.orig.tar.gz.asc
 698078b805cc9bf6881b286c5eb364aa552f7a73 209002 xorg-server_1.20.11-1+deb11u16.diff.gz
 e33993d10edf38814f8987fcd884cf88dfd4056b 9433 xorg-server_1.20.11-1+deb11u16_source.buildinfo
Checksums-Sha256:
 c12897a9234824994c3a37e82578a36b837cbc1be3b3529d45c238692cf18f50 4502 xorg-server_1.20.11-1+deb11u16.dsc
 4e9341c96f5ed0f6b9491ed732c501303479d3fe21da280c768a1822d7e5d352 9414572 xorg-server_1.20.11.orig.tar.gz
 d49b58a8e9b4f06dbf2712f81c51731f47bbe6e336cd35ca0a3ad0ca0a0e8a63 618 xorg-server_1.20.11.orig.tar.gz.asc
 1296ba5309541ecd74210fab6ccf2b99b5bdea6eb697cc838d1baefb7abec7e9 209002 xorg-server_1.20.11-1+deb11u16.diff.gz
 9049b58815506c8e90fda8ef58ab9df81fdf7a0114495f7cbd242c69f4be39d8 9433 xorg-server_1.20.11-1+deb11u16_source.buildinfo
Files:
 0ac492e545a221ac62d2f770377bb500 4502 x11 optional xorg-server_1.20.11-1+deb11u16.dsc
 86ef76882fabf07028a95a29a3edf032 9414572 x11 optional xorg-server_1.20.11.orig.tar.gz
 50e2fc26c9062360d2fdefd6688ce146 618 x11 optional xorg-server_1.20.11.orig.tar.gz.asc
 d7b1bf7cf6e42e1ec63c253169c11057 209002 x11 optional xorg-server_1.20.11-1+deb11u16.diff.gz
 be0429fce8ca8eacec4bcf92f9c523f2 9433 x11 optional xorg-server_1.20.11-1+deb11u16_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAmhbtrAACgkQnUbEiOQ2
gwKpoRAAvvF15RPwlutn286+IRgdrGIffNkRkRCQB9GJ5/zr1KnGrvC1g6kgkiba
bQY/K9OZhI2za0n/ZQKQ03ysGDl7HqkyVc4vYDAtkeJxBQLWMH/wplNvY4XVHH+m
rQSf4ncTW0hX6R3sD6Cc10fZ9mmJd2H9yD4IrmLb40Nril05jd4inlazBIFrS3oB
X1L6FNL0RK2QQszrUGvV+7fQJRLZGm4qTshN9Gb0XZ92lWV59bXJ2m4kdP82ZF7Q
Tom84xKcTqOjg81M213/oF3VCD0eIZ6//LpHnuRiaPj8xGeUD5eihdjVJeaFfN+d
wy53Gmy/Bda78qrOw2LDU4XRACSvq6OqCG2uuoIHHt6rVF6GaJ3hV1D0rnBUzECE
+pEMMjRk6MQLQpT7GTE4MUUejiPd1fNWL/neDY9L5RRR0VW1c29emCAM6UPX9u9v
RUeCpda6Ag63niPN0xhAX6grJMBa1Ybc3vrzCZ6NPALvmHrV5+FQJ/AiuVsij5uh
QPCpjp4kbKUy4aLEdjKvrCnZUoAcEYlvvVO5sakAjEAxQbvSXNyLfB8SsjFRFm9s
8dd44ZJwPDcX7V+AliDTrKsM9KSLGU9jOyxcwgWcMsHQUOCGIX8ND76Dt3Pqompz
azQlfS9A4wSZrcDzVjmmM8zSyeJrBy06U+1yniIMoETHq6zmoME=
=sCom
-----END PGP SIGNATURE-----

News for package xorg-server