-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Feb 2025 14:42:13 +0100
Source: xorg-server
Binary: xnest xnest-dbgsym xserver-xephyr xserver-xephyr-dbgsym xserver-xorg-core xserver-xorg-core-dbgsym xserver-xorg-core-udeb xserver-xorg-dev xserver-xorg-legacy xserver-xorg-legacy-dbgsym xvfb xvfb-dbgsym
Architecture: arm64
Version: 2:21.1.7-3+deb12u9
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-03) <buildd_arm64-arm-conova-03@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 xnest      - Nested X server
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
Changes:
 xorg-server (2:21.1.7-3+deb12u9) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Cursor: Refuse to free the root cursor (CVE-2025-26594)
   * dix: keep a ref to the rootCursor (CVE-2025-26594)
   * xkb: Fix buffer overflow in XkbVModMaskText() (CVE-2025-26595)
   * xkb: Fix computation of XkbSizeKeySyms (CVE-2025-26596)
   * xkb: Fix buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
   * Xi: Fix barrier device search (CVE-2025-26598)
   * composite: Handle failure to redirect in compRedirectWindow()
     (CVE-2025-26599)
   * composite: initialize border clip even when pixmap alloc fails
     (CVE-2025-26599)
   * dix: Dequeue pending events on frozen device on removal (CVE-2025-26600)
   * sync: Do not let sync objects uninitialized (CVE-2025-26601)
   * sync: Check values before applying changes (CVE-2025-26601)
   * sync: Do not fail SyncAddTriggerToSyncObject() (CVE-2025-26601)
   * sync: Apply changes last in SyncChangeAlarmAttributes() (CVE-2025-26601)
Checksums-Sha1:
 a30b2c3f2bac86afaf0d29072e64b5b654dd6987 2640168 xnest-dbgsym_21.1.7-3+deb12u9_arm64.deb
 23a357f07eb0a84dcb41708694d5e6bb404d5cb7 2962264 xnest_21.1.7-3+deb12u9_arm64.deb
 4bf73a21ae89e3aae437092659759fa50c84173f 14781 xorg-server_21.1.7-3+deb12u9_arm64-buildd.buildinfo
 32c1cd3a1c7c5c46a5e1d8335783a7f0c03d0335 3879252 xserver-xephyr-dbgsym_21.1.7-3+deb12u9_arm64.deb
 b668eef989f2968638f4d6340dd117dfb9ab1bfb 3206652 xserver-xephyr_21.1.7-3+deb12u9_arm64.deb
 9aa10987abf553ae533a52c1089433e52f342576 5710676 xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_arm64.deb
 5b51c02d9bd4bbc0837eaf8a855b6c90fbc11b19 884668 xserver-xorg-core-udeb_21.1.7-3+deb12u9_arm64.udeb
 14c25f63f20f3c5853c2f75f159d5db648429df5 3592064 xserver-xorg-core_21.1.7-3+deb12u9_arm64.deb
 6e6b32b667de1e9f41cd4fa6ace5a1eac73ce43d 2554508 xserver-xorg-dev_21.1.7-3+deb12u9_arm64.deb
 79ee3ea66ec25aeaaa267303247f854f215c94d7 9456 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_arm64.deb
 ea777154e442cb436d650ab545be24a9ec86940b 2388460 xserver-xorg-legacy_21.1.7-3+deb12u9_arm64.deb
 9409d3cc0b5a9d81ebe0944b75ce48ade741138d 3203708 xvfb-dbgsym_21.1.7-3+deb12u9_arm64.deb
 c18cc0587356531cb4fe8cbea62c4e7cf14525aa 3083140 xvfb_21.1.7-3+deb12u9_arm64.deb
Checksums-Sha256:
 7d713b097ea96e39161e79a98ea3516fb0e6f3eed71a35d4f9d96c922a97e300 2640168 xnest-dbgsym_21.1.7-3+deb12u9_arm64.deb
 0f91d6901049b5a31eeee865ef2172b4da0f76b61bafee3be600dd0f44491c4a 2962264 xnest_21.1.7-3+deb12u9_arm64.deb
 8425875029c4bf93bc090a87db11474927f43c8a4e4ec742f5be50a33fd7d4d7 14781 xorg-server_21.1.7-3+deb12u9_arm64-buildd.buildinfo
 38087af1d35da43b484aa032be9165964b3c383c596e2821ab4fecd88bc76bc3 3879252 xserver-xephyr-dbgsym_21.1.7-3+deb12u9_arm64.deb
 ec78cd1f64b8ecfd3e7f607e1a9cc198d014338c2243a926d1a9f92df28797aa 3206652 xserver-xephyr_21.1.7-3+deb12u9_arm64.deb
 7772b00d7e034332782a8bcc9367ce5db92afb1035b8d57cd07d90f45121c4e8 5710676 xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_arm64.deb
 7d111301389fc5b2f5c3f65639da8df44869c761d645896f5e94aad1fab98816 884668 xserver-xorg-core-udeb_21.1.7-3+deb12u9_arm64.udeb
 1438af4fca61317e6ee75d0e7915691b78af8e70d5e0b44152ea2bb1a4055cff 3592064 xserver-xorg-core_21.1.7-3+deb12u9_arm64.deb
 ebbff21849b09f4e99c31de807ff4309eb4e9a456d1044aec640c1b3483db750 2554508 xserver-xorg-dev_21.1.7-3+deb12u9_arm64.deb
 9f4203df3d7d8029a5acc27c1a0cdd44743538224e7c11ef75b756a9ed0e0d6a 9456 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_arm64.deb
 144d8b4732b4537f72c6dbf5c6df2bd77660cd3b1c24277605b1ffc899cc9edc 2388460 xserver-xorg-legacy_21.1.7-3+deb12u9_arm64.deb
 96e017d55c3d1e8b6321d5091e523a8e21e26c255c4fe28b83b880775a004b38 3203708 xvfb-dbgsym_21.1.7-3+deb12u9_arm64.deb
 2dc50dbed0a0214dc3920ebbeee3d469ac308e46b3b998cf5903e0ae958a375a 3083140 xvfb_21.1.7-3+deb12u9_arm64.deb
Files:
 e29d3413a6c7955a87a0e7df01a473f9 2640168 debug optional xnest-dbgsym_21.1.7-3+deb12u9_arm64.deb
 599929d15794515385c81e31ffb8ad5a 2962264 x11 optional xnest_21.1.7-3+deb12u9_arm64.deb
 e1d49c105220599fbb34a8e0d1bc35f8 14781 x11 optional xorg-server_21.1.7-3+deb12u9_arm64-buildd.buildinfo
 85824486e8631b1aa35c8b0cfbd74172 3879252 debug optional xserver-xephyr-dbgsym_21.1.7-3+deb12u9_arm64.deb
 303525f6a8b1f6ac601932071e98b41e 3206652 x11 optional xserver-xephyr_21.1.7-3+deb12u9_arm64.deb
 32bbc9053768778285a2a546843b8b7e 5710676 debug optional xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_arm64.deb
 0b9cdf20444225eab72a1dab104287b4 884668 debian-installer optional xserver-xorg-core-udeb_21.1.7-3+deb12u9_arm64.udeb
 b4d2d9a57d6cbf154dbd1ecf21b33990 3592064 x11 optional xserver-xorg-core_21.1.7-3+deb12u9_arm64.deb
 3a67d545210023d549f00c533934bf1b 2554508 x11 optional xserver-xorg-dev_21.1.7-3+deb12u9_arm64.deb
 4ae8a5dd7baceca9ddb1e98e08b00ecf 9456 debug optional xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_arm64.deb
 815aa8c13cf9e626e0c472b91f9b02e4 2388460 x11 optional xserver-xorg-legacy_21.1.7-3+deb12u9_arm64.deb
 9a14755680b93bafa48cb4fcd34a37e6 3203708 debug optional xvfb-dbgsym_21.1.7-3+deb12u9_arm64.deb
 1d70fe0fa6fa79e1040dd8e170f0a2eb 3083140 x11 optional xvfb_21.1.7-3+deb12u9_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVM4SKBZumztS8zr3lST9Us03ywsFAme2LuQACgkQlST9Us03
ywt7uhAAs2Cgj6UCk7Sbjb+63I5e5+5B2f5PK6FhK8W7zveFTbNFPtiqn1+yoDtS
uNjCVW/PWXJC5aD5Bm/Q7OA1f0B+eObWe/aA5hf5E/C2g7jeYNm6pEfnsuajsv5s
+l4l+XI4aggMTNnWvqhG6QPtEIiqG70kCAArefrXbs6C8aVNGXBSc8KvbOwxcVVY
brdrKFgB6BtjHa2JEl2Dxer4Lg2hVfvyNoCDF/d4CtTHcZqR6vywXV59mylgwkPw
9p/HGFPqBy7v5MSZuwOTYD+B6Ov28nQoxBHaksym4WdRtr5ssoeux4anrOyzU/pB
ugrAv6OEnS62d4w49lr8nLjLrbpWWTWVFGvQIxK5110aVDo8CsmBDDCrcTG7ngWg
c/5iV51GYD4Usl/jR8KlK0MJz0eFQ96lYUApqEwmZijE0M19nifcsiLyrGPpRtrt
8F9GGDAEghxjItMK1tSvzyWJcvkjknL4nYm6xYTeauEaYA4AQjv2qhhtEQOy2cpQ
KGmSpC+hcjuMjashkjmyUmOMwADL1frud/G/xtTH43e+uaRzF15NztRsXuqqyR9D
+hFHrYQOioQEFVS5TWTry+w1AonIsfzmOjReaSDizHnUfDhVk2tPmd/Rm8hUNUFk
GqPl0xl59P9fP4ehrvTp17yJfGHJ/3Ush2J9SFktj4+mvI8Vwog=
=Yh0R
-----END PGP SIGNATURE-----