Debian Package Tracker

general

source: xorg-server (main)
version: 2:1.20.7-3
maintainer: Debian X Strike Force (archive) (DMD)
arch: all any
std-ver: 3.9.8
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2:1.16.4-1+deb8u2
o-o-sec: 2:1.16.4-1+deb8u2
oldstable: 2:1.19.2-1+deb9u5
old-sec: 2:1.19.2-1+deb9u4
stable: 2:1.20.4-1
testing: 2:1.20.7-3
unstable: 2:1.20.7-3

versioned links

2:1.16.4-1+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:1.19.2-1+deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:1.19.2-1+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:1.20.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2:1.20.7-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

xdmx (3 bugs: 0, 3, 0, 0)
xdmx-tools (1 bugs: 0, 1, 0, 0)
xnest (1 bugs: 0, 1, 0, 0)
xorg-server-source
xserver-common (3 bugs: 0, 1, 2, 0)
xserver-xephyr (18 bugs: 0, 14, 4, 0)
xserver-xorg-core (213 bugs: 2, 177, 34, 0)
xserver-xorg-core-udeb
xserver-xorg-dev (2 bugs: 0, 1, 1, 0)
xserver-xorg-legacy (4 bugs: 0, 1, 3, 0)
xvfb (10 bugs: 0, 7, 3, 0)
xwayland (18 bugs: 0, 18, 0, 0)

action needed

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Please fix it.

Created: 2019-07-23 Last update: 2020-02-11 05:02

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Please fix it.

Created: 2019-07-23 Last update: 2020-02-11 05:02

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Please fix it.

Created: 2019-07-23 Last update: 2020-02-11 05:02

1 security issue in stretch high

There is 1 open security issue in stretch.

1 important issue:

CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Please fix it.

Created: 2019-07-23 Last update: 2020-02-11 05:02

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 3.9.8).

Created: 2017-07-07 Last update: 2020-02-05 23:04

28 bugs tagged patch in the BTS normal

The BTS contains patches fixing 28 bugs, consider including or untagging them.

Created: 2020-02-18 Last update: 2020-02-21 09:34

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2018-09-11 Last update: 2020-02-21 08:36

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

xorg-server-source could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2020-02-21 09:00

1 ignored security issue in jessie low

There is 1 open security issue in jessie.

1 issue skipped by the security teams:

CVE-2018-20839: systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occurs because the KDGKBMODE (aka current keyboard mode) check is mishandled.

Please fix it.

Created: 2019-07-23 Last update: 2020-02-11 05:02

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:23

news

[rss feed]

[2020-02-11] xorg-server 2:1.20.7-3 MIGRATED to testing (Debian testing watch)
[2020-02-05] Accepted xorg-server 2:1.20.7-3 (source) into unstable (Debian FTP Masters) (signed by: Timo Aaltonen)
[2020-01-19] xorg-server 2:1.20.7-2 MIGRATED to testing (Debian testing watch)
[2020-01-14] Accepted xorg-server 2:1.20.7-2 (source) into unstable (Timo Aaltonen)
[2019-12-07] xorg-server 2:1.20.6-1 MIGRATED to testing (Debian testing watch)
[2019-11-25] Accepted xorg-server 2:1.20.6-1 (source) into unstable (Timo Aaltonen)
[2019-06-05] xorg-server 2:1.20.4-1 MIGRATED to testing (Debian testing watch)
[2019-03-05] Accepted xorg-server 2:1.20.4-1 (source) into unstable (Andreas Boll)
[2018-11-02] Accepted xorg-server 2:1.19.2-1+deb9u5 (source) into proposed-updates->stable-new, proposed-updates (Andreas Boll)
[2018-10-31] xorg-server 2:1.20.3-1 MIGRATED to testing (Debian testing watch)
[2018-10-27] Accepted xorg-server 2:1.19.2-1+deb9u4 (source) into proposed-updates->stable-new, proposed-updates (Julien Cristau)
[2018-10-27] Accepted xorg-server 2:1.19.2-1+deb9u3 (source) into proposed-updates->stable-new, proposed-updates (Julien Cristau)
[2018-10-25] Accepted xorg-server 2:1.19.2-1+deb9u3 (source) into stable->embargoed, stable (Julien Cristau)
[2018-10-25] Accepted xorg-server 2:1.19.2-1+deb9u4 (source) into stable->embargoed, stable (Julien Cristau)
[2018-10-25] Accepted xorg-server 2:1.20.3-1 (source) into unstable (Andreas Boll)
[2018-10-25] Accepted xorg-server 2:1.20.2-1 (source) into unstable (Andreas Boll)
[2018-10-16] xorg-server 2:1.20.1-5 MIGRATED to testing (Debian testing watch)
[2018-10-10] Accepted xorg-server 2:1.20.1-5 (source) into unstable (Andreas Boll)
[2018-10-01] xorg-server 2:1.20.1-4 MIGRATED to testing (Debian testing watch)
[2018-09-26] Accepted xorg-server 2:1.20.1-4 (source) into unstable (Timo Aaltonen)
[2018-09-20] Accepted xorg-server 2:1.20.1-3 (source) into unstable (Timo Aaltonen)
[2018-09-18] Accepted xorg-server 2:1.20.1-2 (source) into unstable (Timo Aaltonen)
[2018-08-24] xorg-server 2:1.20.1-1 MIGRATED to testing (Debian testing watch)
[2018-08-17] Accepted xorg-server 2:1.20.1-1 (source) into unstable (Andreas Boll)
[2018-07-24] xorg-server 2:1.20.0-3 MIGRATED to testing (Debian testing watch)
[2018-07-01] Accepted xorg-server 2:1.20.0-3 (source) into unstable (Timo Aaltonen)
[2018-05-24] Accepted xorg-server 2:1.20.0-2 (source) into unstable (Emilio Pozuelo Monfort)
[2018-05-19] Accepted xorg-server 2:1.20.0-1 (source) into experimental (Emilio Pozuelo Monfort)
[2018-03-23] Accepted xorg-server 2:1.19.99.901-1 (source) into experimental (Timo Aaltonen)
[2018-02-01] xorg-server 2:1.19.6-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 283 288
RC: 2
I&N: 229 234
M&W: 52
F&P: 0
patch: 28
NC: 1

links

homepage
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2:1.20.7-2ubuntu1
505 bugs (14 patches)
patches for 2:1.20.7-2ubuntu1