Release date:
2025-11-20 15:18:39 UTC
Description:
- CVE-2023-1393: fix use-after-free in compositor overlay window by clearing
dangling COW pointer
- CVE-2024-31080: prevent heap over-read in ProcXIGetSelectedEvents() caused
by using byte-swapped length values in replies.
- CVE-2024-31081: fix buffer over-read in ProcXIPassiveGrabDevice by using correct
unswapped length for replies
- CVE-2025-26600: fix use-after-free by clearing pending events when
removing a frozen device
Updated packages:
-
xorg-x11-server-Xwayland-21.1.3-7.el9.tuxcare.els9.i686.rpm
sha:37e146480213a98956ce61c4926d34ef68b9ce5f2369cf17b050d4e9582646a7
-
xorg-x11-server-Xwayland-21.1.3-7.el9.tuxcare.els9.x86_64.rpm
sha:a70a3c04f32d5b977148b3f11638fb5c7b7319cc8b463dbcd6e763bbf21cc2c6
-
xorg-x11-server-Xwayland-devel-21.1.3-7.el9.tuxcare.els9.i686.rpm
sha:c2cb3225d9a05a8f1c7bed85353e1e9a3ea0b480f4c6e47c72861e742a95841f
-
xorg-x11-server-Xwayland-devel-21.1.3-7.el9.tuxcare.els9.x86_64.rpm
sha:0a881238d381c9b0af140a8414d5cbf9b10ae8551825fcdd8ed9282a59665658
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
