[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freedesktop-xorg
Subject:    [ANNOUNCE] xwayland 23.2.5
From:       Olivier Fourdan <ofourdan () redhat ! com>
Date:       2024-04-03 16:24:17
Message-ID: 7597156f-b9e5-4cf5-a097-3555346ddc96 () redhat ! com
[Download RAW message or body]

[Attachment #2 (multipart/mixed)]

[Attachment #4 (multipart/mixed)]

[Attachment #6 (text/plain)]

This release contains the 3 security fixes that actually apply to
Xwayland reported in today's security advisory:

  * CVE-2024-31080
  * CVE-2024-31081
  * CVE-2024-31083

Additionally, it also contains a couple of other fixes, a copy/paste
error in the DeviceStateNotify event and a fix to enable buttons with
pointer gestures for backward compatibility with legacy X11 clients.

Alan Coopersmith (2):
       Xi: ProcXIGetSelectedEvents needs to use unswapped length to send reply
       Xi: ProcXIPassiveGrabDevice needs to use unswapped length to send reply

Olivier Fourdan (1):
       Bump version to 23.2.5

Peter Hutterer (2):
       dix: fix valuator copy/paste error in the DeviceStateNotify event
       render: fix refcounting of glyphs during ProcRenderAddGlyphs

Warren Togami (1):
       xwayland: Ensure pointer for gestures has buttons

git tag: xwayland-23.2.5

https://xorg.freedesktop.org/archive/individual/xserver/xwayland-23.2.5.tar.xz
SHA256: 33ec7ff2687a59faaa52b9b09aa8caf118e7ecb6aed8953f526a625ff9f4bd90  \
                xwayland-23.2.5.tar.xz
SHA512: 8cf90d51db7c4c7e8191b5919e6529fe577bc735bb1d00fbc0139cb67ef95d30eb56c2026f3b2f639745c6a621b33bbd60f9ebabdd12175148dd192393ce1169 \
                xwayland-23.2.5.tar.xz
PGP:  https://xorg.freedesktop.org/archive/individual/xserver/xwayland-23.2.5.tar.xz.sig



["OpenPGP_0x14706DBE1E4B4540.asc" (application/pgp-keys)]
["OpenPGP_signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]