UbuntuUpdates.org

Package "xorg-server"

Name: xorg-server

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • common files used by various X servers
  • nested X server
  • Xorg X server - core server
  • Xorg X server - development files
Latest version: 2:21.1.16-1ubuntu1.1
Release: plucky (25.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "xorg-server" in Plucky

Repository Area Version
base main 2:21.1.16-1ubuntu1
base universe 2:21.1.16-1ubuntu1
security main 2:21.1.16-1ubuntu1.1
security universe 2:21.1.16-1ubuntu1.1
updates universe 2:21.1.16-1ubuntu1.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:21.1.16-1ubuntu1.1 2025-06-17 21:07:39 UTC

  xorg-server (2:21.1.16-1ubuntu1.1) plucky-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds access in X Rendering extension
    - debian/patches/CVE-2025-49175.patch: avoid 0 or less animated cursors
      in render/animcur.c, render/render.c.
    - CVE-2025-49175
  * SECURITY UPDATE: Integer overflow in Big Requests Extension
    - debian/patches/CVE-2025-49176.patch: do not overflow the integer size
      with BigRequest in dix/dispatch.c, os/io.c.
    - CVE-2025-49176
  * SECURITY UPDATE: Data leak in XFIXES Extension 6
    - debian/patches/CVE-2025-49177.patch: check request length for
      SetClientDisconnectMode in xfixes/disconnect.c.
    - CVE-2025-49177
  * SECURITY UPDATE: Unprocessed client request via bytes to ignore
    - debian/patches/CVE-2025-49178.patch: account for bytes to ignore when
      sharing input buffer in os/io.c.
    - CVE-2025-49178
  * SECURITY UPDATE: Integer overflow in X Record extension
    - debian/patches/CVE-2025-49179.patch: check for overflow in
      RecordSanityCheckRegisterClients() in record/record.c.
    - CVE-2025-49179
  * SECURITY UPDATE: Integer overflow in RandR extension
    - debian/patches/CVE-2025-49180-1.patch: check for overflow in
      RRChangeProviderProperty() in randr/rrproviderproperty.c.
    - debian/patches/CVE-2025-49180-2.patch: check for RandR provider
      functions in hw/xfree86/modes/xf86RandR12.c.
    - CVE-2025-49180

 -- Marc Deslauriers <email address hidden> Tue, 10 Jun 2025 14:21:45 -0400
CVE-2025-49175 A flaw was found in the X Rendering extension's handling of animated c ...
CVE-2025-49176 A flaw was found in the Big Requests extension. The request length is ...
CVE-2025-49177 A flaw was found in the XFIXES extension. The XFixesSetClientDisconnec ...
CVE-2025-49178 A flaw was found in the X server's request handling. Non-zero 'bytes t ...
CVE-2025-49179 A flaw was found in the X Record extension. The RecordSanityCheckRegis ...
CVE-2025-49180 A flaw was found in the RandR extension, where the RRChangeProviderPro ...


About   -   Send Feedback to @ubuntu_updates