-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Feb 2025 14:42:13 +0100
Source: xorg-server
Binary: xnest xnest-dbgsym xserver-xephyr xserver-xephyr-dbgsym xserver-xorg-core xserver-xorg-core-dbgsym xserver-xorg-core-udeb xserver-xorg-dev xserver-xorg-legacy xserver-xorg-legacy-dbgsym xvfb xvfb-dbgsym
Architecture: armel
Version: 2:21.1.7-3+deb12u9
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_arm64-arm-ubc-05@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 xnest      - Nested X server
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
Changes:
 xorg-server (2:21.1.7-3+deb12u9) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Cursor: Refuse to free the root cursor (CVE-2025-26594)
   * dix: keep a ref to the rootCursor (CVE-2025-26594)
   * xkb: Fix buffer overflow in XkbVModMaskText() (CVE-2025-26595)
   * xkb: Fix computation of XkbSizeKeySyms (CVE-2025-26596)
   * xkb: Fix buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
   * Xi: Fix barrier device search (CVE-2025-26598)
   * composite: Handle failure to redirect in compRedirectWindow()
     (CVE-2025-26599)
   * composite: initialize border clip even when pixmap alloc fails
     (CVE-2025-26599)
   * dix: Dequeue pending events on frozen device on removal (CVE-2025-26600)
   * sync: Do not let sync objects uninitialized (CVE-2025-26601)
   * sync: Check values before applying changes (CVE-2025-26601)
   * sync: Do not fail SyncAddTriggerToSyncObject() (CVE-2025-26601)
   * sync: Apply changes last in SyncChangeAlarmAttributes() (CVE-2025-26601)
Checksums-Sha1:
 955d6773ae3099361619cbafe9dc087b14a0267b 2622812 xnest-dbgsym_21.1.7-3+deb12u9_armel.deb
 50c29aea19a61ba045fb886bc47e8fabb10c0d0f 2899436 xnest_21.1.7-3+deb12u9_armel.deb
 c203c6d2129a7f3a96910783e953eb0889ffd9fc 14686 xorg-server_21.1.7-3+deb12u9_armel-buildd.buildinfo
 8caeab63a23d302afcdd5cfaf423c8326207370b 3856472 xserver-xephyr-dbgsym_21.1.7-3+deb12u9_armel.deb
 1e29f55fb6fcb2a25280240c3ef4861a1af36d85 3125344 xserver-xephyr_21.1.7-3+deb12u9_armel.deb
 2e0032e6bad9aa101424bbddf06b4f7e66197553 5627872 xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_armel.deb
 17cdf59f9074fad0ab7f091e371990765f37d480 800232 xserver-xorg-core-udeb_21.1.7-3+deb12u9_armel.udeb
 b365cb68899012615b32e2dbec392c5e5fcf55e2 3466752 xserver-xorg-core_21.1.7-3+deb12u9_armel.deb
 5df63c112938bcb4b742b54bf6d5d9ef02099ce2 2554504 xserver-xorg-dev_21.1.7-3+deb12u9_armel.deb
 9fae02ae1426bb3a585803283cba943c44fba951 9380 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_armel.deb
 8feb6fd82ed740c7ea9b4980bc7f30c5ab4b59f2 2388356 xserver-xorg-legacy_21.1.7-3+deb12u9_armel.deb
 ab2f98ccaeb50a011e17114ba3aa4085b3782472 3189248 xvfb-dbgsym_21.1.7-3+deb12u9_armel.deb
 a135a5799aaa61a7b4c0c3c7bd66ec563fcb9b86 3009032 xvfb_21.1.7-3+deb12u9_armel.deb
Checksums-Sha256:
 062637418d7c5f1b5d3ce9e174d54724ef61112b3e8237b0abb807441ddaea04 2622812 xnest-dbgsym_21.1.7-3+deb12u9_armel.deb
 27a9e3bf3ec92829a095e11b82678c636095d067d413452acce030b6a389306b 2899436 xnest_21.1.7-3+deb12u9_armel.deb
 9438ce300dd9198ce21959577c32af3ddc0faf16416c1100c7716d31814cd11a 14686 xorg-server_21.1.7-3+deb12u9_armel-buildd.buildinfo
 0141389bf44b2081007cf103105435af797ae32fa7014c90f48fa966986a18de 3856472 xserver-xephyr-dbgsym_21.1.7-3+deb12u9_armel.deb
 0ba9a2a44f01008dad3c939687dfda4f96fb6fd90d50761ba663a7f3af7ef589 3125344 xserver-xephyr_21.1.7-3+deb12u9_armel.deb
 4b8c24fd409c3a3d9378cded471ccd5a19be1dec5041ad30578f1af04ef7a558 5627872 xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_armel.deb
 6973b10c8fbdc8d0e0bb539c9e47c31a41b9f9c53f90bda5793cd573e81a936b 800232 xserver-xorg-core-udeb_21.1.7-3+deb12u9_armel.udeb
 bff358d93aa8a4c8abecd56b07eabb98ecfb1ed8dd45fc289ee79b855e7fc961 3466752 xserver-xorg-core_21.1.7-3+deb12u9_armel.deb
 995ece8c330e89086a3d16ae12e30d552ae61dc16128e8ee1df34e4428b05680 2554504 xserver-xorg-dev_21.1.7-3+deb12u9_armel.deb
 c7fc325680bc121430bf36731e07c6de30085c9af4328a267897c0e12c86981d 9380 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_armel.deb
 c146e93337c5643c43507869fb527954a6da201d8a0569883174a603ead3f705 2388356 xserver-xorg-legacy_21.1.7-3+deb12u9_armel.deb
 6865d35aab0f2e443b1cb9e95d39db0b27d861fd4f849b98d5669f765c8df987 3189248 xvfb-dbgsym_21.1.7-3+deb12u9_armel.deb
 94cc9d1a8bfd0980ebeebb47b80b091c410076e54d23ce809b79155a0c6345dd 3009032 xvfb_21.1.7-3+deb12u9_armel.deb
Files:
 3b66581944db52e809356611b3f54f81 2622812 debug optional xnest-dbgsym_21.1.7-3+deb12u9_armel.deb
 3a83ac4807b2b173c358ccc535c1f456 2899436 x11 optional xnest_21.1.7-3+deb12u9_armel.deb
 f286f5ec7c5c485d781aada49fd51dff 14686 x11 optional xorg-server_21.1.7-3+deb12u9_armel-buildd.buildinfo
 bfc2f4966f32b55dad669a92d80de5cd 3856472 debug optional xserver-xephyr-dbgsym_21.1.7-3+deb12u9_armel.deb
 970c2d8097314d04eebd9f210dc401a7 3125344 x11 optional xserver-xephyr_21.1.7-3+deb12u9_armel.deb
 9f20a60d96ec71bc88ae85ca6b0b770c 5627872 debug optional xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_armel.deb
 c56f6c641bcbcedd42ca9f6e1d82689c 800232 debian-installer optional xserver-xorg-core-udeb_21.1.7-3+deb12u9_armel.udeb
 3c1fcb4ba65fbc2ac0fd2cf77761ec59 3466752 x11 optional xserver-xorg-core_21.1.7-3+deb12u9_armel.deb
 af940b948fbd34c88b395351dd4aa88c 2554504 x11 optional xserver-xorg-dev_21.1.7-3+deb12u9_armel.deb
 d99ab4ffef5e88d4b46c459313e71c1c 9380 debug optional xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_armel.deb
 70decbaec1e84743e1067ee20d44cd50 2388356 x11 optional xserver-xorg-legacy_21.1.7-3+deb12u9_armel.deb
 e4c655f2b479355a05d39e3a099ee519 3189248 debug optional xvfb-dbgsym_21.1.7-3+deb12u9_armel.deb
 e280e5ef5da656a2e47cae53e379dce2 3009032 x11 optional xvfb_21.1.7-3+deb12u9_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmbvtGd+QaAE2Bi5fsFgOvjtRcdMFAme2MeoACgkQsFgOvjtR
cdONUQ//f3bUU36hEFQs8GBgIa4WNH/yCbKi/gl14uLjlDjEKtVrOlq5FQ5S2mTw
PvmIZx0wukf0BuTDmcv8gg8pMk7eZQ/+VlsVYuMC8FSTpiLmhQDo6hcnaEZeNLI/
5N+I1AvLhNU7NiFWqykiHfQ+5AckdclOZl/uUvOvDrWwtdZYfa8QwZKXCbGwN02W
N79D7nzoi5ispxldfomfX4Z8J78OSPFok7VsBPVU2XhZj8bUMfC1lT7Fb3QaAMve
xLdePCBAtVBoMdA6Vth/nw3JJQN7tBzVzC2Fp28Z4mccOBHDJmIE7I+dPXnX1+xU
Y/WxUcASsjX6GTBnksfwJE6inCz/d9WftBZPbvZjec6yXeADPP+/IFMzhJO2HuFc
nEeUvMtLNTrc5S0iDFmvSpVG67/6oi91Kz/zFGB4yZ+CS9AcTnMfpWfxeohALaQQ
NdF6Amp7ETD8g+uQ4XIVke/vnpfgpyGJ2bwRwNg1uLhyLxAplJgzwve1xB83O93u
DDbSVbcKc2Dr69eNtIumrXz6R4LHOlh6pK2xo/4Yjj0cm8/mJ7F/0RZLUN3jsBFI
LC0kqheV9CGOHZABYJB4tSIjYvZv1fuQAXCVG8z5paIv2729jbl3c1nzfiIFuFae
KY0Eq3C22oDsOCOK7TVZkwrPg0b3RetqTHwZAOzDKqEBdTLUjAk=
=GYgE
-----END PGP SIGNATURE-----