[ubuntu/jammy-proposed] xwayland 2:21.1.3-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Dec 14 17:56:12 UTC 2021 

xwayland (2:21.1.3-1ubuntu1) jammy; urgency=medium

  * SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
    - debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
    - CVE-2021-4008
  * SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
    - debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
    - CVE-2021-4009
  * SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
    - debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
    - CVE-2021-4010
  * SECURITY UPDATE: SwapCreateRegister out-of-bounds access
    - debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
    - CVE-2021-4011

Date: Tue, 14 Dec 2021 11:12:46 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/xwayland/2:21.1.3-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 14 Dec 2021 11:12:46 -0500
Source: xwayland
Built-For-Profiles: noudeb
Architecture: source
Version: 2:21.1.3-1ubuntu1
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 xwayland (2:21.1.3-1ubuntu1) jammy; urgency=medium
 .
   * SECURITY UPDATE: SProcRenderCompositeGlyphs out-of-bounds access
     - debian/patches/CVE-2021-4008.patch: check lengths in render/render.c.
     - CVE-2021-4008
   * SECURITY UPDATE: SProcXFixesCreatePointerBarrier out-of-bounds access
     - debian/patches/CVE-2021-4009.patch: use sizes in xfixes/cursor.c.
     - CVE-2021-4009
   * SECURITY UPDATE: SProcScreenSaverSuspend out-of-bounds access
     - debian/patches/CVE-2021-4010.patch: fix logic in Xext/saver.c.
     - CVE-2021-4010
   * SECURITY UPDATE: SwapCreateRegister out-of-bounds access
     - debian/patches/CVE-2021-4011.patch: fix length in record/record.c.
     - CVE-2021-4011
Checksums-Sha1:
 d4d19db2e9b5e1c6782e6e8cf9702e5ec31329b8 2559 xwayland_21.1.3-1ubuntu1.dsc
 4cc578bfb91a6a53504ba38ed4891a07047a956a 34188 xwayland_21.1.3-1ubuntu1.debian.tar.xz
 424dcc27e5bd60767b560b347654d6790d0006a0 9948 xwayland_21.1.3-1ubuntu1_source.buildinfo
Checksums-Sha256:
 21a13af9411defe00aee6750e8a2acb0bd04ef9b93a0989fde7e9bc7d36d6434 2559 xwayland_21.1.3-1ubuntu1.dsc
 80a017d3b94cf714fb3a1ea855ae3d2aa27ecca2fac60bc24b5e4b49220fe52d 34188 xwayland_21.1.3-1ubuntu1.debian.tar.xz
 416300224ff34650aee7d1b2e206861a88e6197ddebc40e3cbc5f492ded4dfbf 9948 xwayland_21.1.3-1ubuntu1_source.buildinfo
Files:
 2379a67de509f0504922bee1955d8e47 2559 x11 optional xwayland_21.1.3-1ubuntu1.dsc
 cff996b9708e6f5bac950cf08385cdef 34188 x11 optional xwayland_21.1.3-1ubuntu1.debian.tar.xz
 cf8112db3c92954089e6074f916d1ec0 9948 x11 optional xwayland_21.1.3-1ubuntu1_source.buildinfo
Original-Maintainer: Debian X Strike Force <debian-x at lists.debian.org>

More information about the jammy-changes mailing list