-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 19 Feb 2025 14:42:13 +0100
Source: xorg-server
Binary: xnest xnest-dbgsym xserver-xephyr xserver-xephyr-dbgsym xserver-xorg-core xserver-xorg-core-dbgsym xserver-xorg-core-udeb xserver-xorg-dev xserver-xorg-legacy xserver-xorg-legacy-dbgsym xvfb xvfb-dbgsym
Architecture: s390x
Version: 2:21.1.7-3+deb12u9
Distribution: bookworm-security
Urgency: high
Maintainer: s390x Build Daemon (zandonai) <buildd_s390x-zandonai@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 xnest      - Nested X server
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
Changes:
 xorg-server (2:21.1.7-3+deb12u9) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Cursor: Refuse to free the root cursor (CVE-2025-26594)
   * dix: keep a ref to the rootCursor (CVE-2025-26594)
   * xkb: Fix buffer overflow in XkbVModMaskText() (CVE-2025-26595)
   * xkb: Fix computation of XkbSizeKeySyms (CVE-2025-26596)
   * xkb: Fix buffer overflow in XkbChangeTypesOfKey() (CVE-2025-26597)
   * Xi: Fix barrier device search (CVE-2025-26598)
   * composite: Handle failure to redirect in compRedirectWindow()
     (CVE-2025-26599)
   * composite: initialize border clip even when pixmap alloc fails
     (CVE-2025-26599)
   * dix: Dequeue pending events on frozen device on removal (CVE-2025-26600)
   * sync: Do not let sync objects uninitialized (CVE-2025-26601)
   * sync: Check values before applying changes (CVE-2025-26601)
   * sync: Do not fail SyncAddTriggerToSyncObject() (CVE-2025-26601)
   * sync: Apply changes last in SyncChangeAlarmAttributes() (CVE-2025-26601)
Checksums-Sha1:
 937edfbf298c4caa356be461bc20060f86609f96 2659588 xnest-dbgsym_21.1.7-3+deb12u9_s390x.deb
 2394ecaebb51548f4aa53722aaecbe3e1153dcaa 2949528 xnest_21.1.7-3+deb12u9_s390x.deb
 a4df9851389948fdd472d87fbb3244fcb74bbea1 14491 xorg-server_21.1.7-3+deb12u9_s390x-buildd.buildinfo
 20c268504d43865bbbbb9e015071494e406bc839 3913320 xserver-xephyr-dbgsym_21.1.7-3+deb12u9_s390x.deb
 d6f2d0aa7068de740d6ed95a0fda121f8b4e65e5 3199416 xserver-xephyr_21.1.7-3+deb12u9_s390x.deb
 257e61d77a1d15a0a754de09c93d854ad6ec4282 5680036 xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_s390x.deb
 4d11348ff4694e8663cf8556fc02eb35b861ccf8 886620 xserver-xorg-core-udeb_21.1.7-3+deb12u9_s390x.udeb
 5535d02dad0bc289a21338a4dba358c59ea0816a 3583596 xserver-xorg-core_21.1.7-3+deb12u9_s390x.deb
 431401be6f1c7eff9fa98d51aa3f3e9aa7d8e090 2554508 xserver-xorg-dev_21.1.7-3+deb12u9_s390x.deb
 87a02fb9501e593bae1515cf5c5d1b504c71e97b 9068 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_s390x.deb
 e02d20878bfecc202b55ad16306ed2bf9700a378 2388388 xserver-xorg-legacy_21.1.7-3+deb12u9_s390x.deb
 0d12a1b282f1ec48198d110ebeed0c5cdb03873c 3247684 xvfb-dbgsym_21.1.7-3+deb12u9_s390x.deb
 e908dcf06859813f20dd48670cb33fd4b59f28bb 3075284 xvfb_21.1.7-3+deb12u9_s390x.deb
Checksums-Sha256:
 97d55136a4995f64c3c40567794ccd257c0dd45a8dd637b9d0070e8a46d8b469 2659588 xnest-dbgsym_21.1.7-3+deb12u9_s390x.deb
 0a42caf2ad985fbceed46c802b64c87e9bdfbf7d99ad8ce87ef58a133e78050a 2949528 xnest_21.1.7-3+deb12u9_s390x.deb
 1251ac8ad33e261969e38d15a9269f12514e5e3131c9b94ef00ee9de1bb9c0f8 14491 xorg-server_21.1.7-3+deb12u9_s390x-buildd.buildinfo
 be3cc64e595275e5afbabb60f9e7c77f1d774dc2d806510377c328f401e4a661 3913320 xserver-xephyr-dbgsym_21.1.7-3+deb12u9_s390x.deb
 62216bc7824027d999fafb03a34b5e456c519ee760ac5e551c7ffabc85221f01 3199416 xserver-xephyr_21.1.7-3+deb12u9_s390x.deb
 cc8de04713ce45d232be8610490c9939e7ee02daed80ea3c6bbf7e7b7b1f3c71 5680036 xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_s390x.deb
 c17c6d6389d45dd0bce825a7137047b939c8c65b8ffd13d434ff77dba5ae1b19 886620 xserver-xorg-core-udeb_21.1.7-3+deb12u9_s390x.udeb
 3728bc90f3b698e79ff1d83e863b09273228ddc977902258310ca17cab411fa1 3583596 xserver-xorg-core_21.1.7-3+deb12u9_s390x.deb
 07fba1e5880caa771104ec22b476a9833f41ec46cbe1a47887ed886bd9a70766 2554508 xserver-xorg-dev_21.1.7-3+deb12u9_s390x.deb
 74f699bddb21ed48a35264609ad0e4bbf020de818450b20a5a0c6991fd53e9fc 9068 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_s390x.deb
 2354faba24b5529f0dfa18ab565b141cc80ad2b86e0b423f6ac82f90360d07a2 2388388 xserver-xorg-legacy_21.1.7-3+deb12u9_s390x.deb
 31628121152c0c0869029c444a55c798e104bf5d1bb6894e79ac76f2d1205bad 3247684 xvfb-dbgsym_21.1.7-3+deb12u9_s390x.deb
 620866317b0a84b85299c37bbda7501c0541bfaecf1d5024a925ed8f597960e7 3075284 xvfb_21.1.7-3+deb12u9_s390x.deb
Files:
 2631e7bc001f58f8d4d16fa93b763afb 2659588 debug optional xnest-dbgsym_21.1.7-3+deb12u9_s390x.deb
 8faaa10eacdef6010c9ccb288717226f 2949528 x11 optional xnest_21.1.7-3+deb12u9_s390x.deb
 316c3100c8b42cba8718e69a9b08c897 14491 x11 optional xorg-server_21.1.7-3+deb12u9_s390x-buildd.buildinfo
 36b9383cc5d345b09020c4fef1765465 3913320 debug optional xserver-xephyr-dbgsym_21.1.7-3+deb12u9_s390x.deb
 df2e13301d0faea2cf999fa8a0a47cdb 3199416 x11 optional xserver-xephyr_21.1.7-3+deb12u9_s390x.deb
 64186d65a1faaae3c199fd845d9e7566 5680036 debug optional xserver-xorg-core-dbgsym_21.1.7-3+deb12u9_s390x.deb
 3eb57ca37e916cfb4155e2614f7fadff 886620 debian-installer optional xserver-xorg-core-udeb_21.1.7-3+deb12u9_s390x.udeb
 b325d6acedb07e81b415519a123531b3 3583596 x11 optional xserver-xorg-core_21.1.7-3+deb12u9_s390x.deb
 f17511fe2324d6005fd99e4b48705490 2554508 x11 optional xserver-xorg-dev_21.1.7-3+deb12u9_s390x.deb
 b89116fa5addf1233569e806f0994015 9068 debug optional xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u9_s390x.deb
 fee2d86d99bd4eb1b4490059a2222f44 2388388 x11 optional xserver-xorg-legacy_21.1.7-3+deb12u9_s390x.deb
 869eef6007ace247b6f9104c95d7a055 3247684 debug optional xvfb-dbgsym_21.1.7-3+deb12u9_s390x.deb
 cced81b2da4c0e9ffff0201ce12bbfec 3075284 x11 optional xvfb_21.1.7-3+deb12u9_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEu0D/YpnnSxv8epH9AKOyQzsWVasFAme2LwAACgkQAKOyQzsW
VasSpQ//S1RXOVnwRMy+sX1XVlzPu1F2khswJfQbSHLq/EGFaSC87NRGziWPmhsN
iqbMnT8lS6GYDe61tUAwf/fDK0/87LGGzSCpfokwK/gbSqpTTi15kuFO3UK+3tWV
MO4XThPi/GB1MBoCLEnoNeGUwjj2XwRdYVi3TX860L07lTDlRIuftaL58xhL9Mw/
uUKlYWV5Ex47E60pB8zXD4SEwB1yI1pHFk+p1D/hGAAezZZg1xHAJmdvHx95RX6l
Gb27l3Rs/F11zbhTBbS/0pDc2stfUKLqSidTxDHk/WsFc+p/eIfqcghTlXMhah5f
ALJO8SKF+eRHKzNNui8ZBYyYYNC9//GmYr2HA63iwYY1MHDEkd3FgYhSu6LBuq3W
Z0hZJ3oHnoIQRfYWCePAYhjP59r5BGVTc7Lpuav4zVDvLZpYVIayx9MJeS0Gy64T
b+6qVmG3PuDOCUkcT3DdfX/0nF3wNTnaeet2KEgmbdpgZIpu0jR7L0R744mfC0g2
h5HcvFa+wpigKLHnMl0Q8UnfCBd2KmyFG2Za2PdKxCky3kfMdaC+uBQXKiGVkCop
cVEfzR6EiJHqP/H6wzu2O70+yWAh/jdNxsjPu8YSMGUBTs56WBPstIN4SJliEY0r
12Wv949FpPWM1khhNCQItTT9Pg36EZxLdp7EC0r69kCG4MfQSGw=
=C5et
-----END PGP SIGNATURE-----