oss-sec mailing list archives
Re: Fwd: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland
From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Wed, 15 Apr 2026 16:05:48 -0700
On 4/14/26 06:47, Olivier Fourdan wrote:
====================================================================== X.Org Security Advisory: April 14, 2026 Issues in X.Org X server prior to 21.1.22 and Xwayland prior to 24.1.10 ====================================================================== Multiple issues have been found in the X server and Xwayland implementations published by X.Org for which we are releasing security fixes for in xorg-server-21.1.22 and xwayland-24.1.10.
Note that the releases include additional fixes that don't have CVEs assigned, including hardening changes & fixing issues found by gcc's -fanalyzer, and adds a SECURITY.md file covering X.Org's security reporting & announcement processes, and the security model we use to evaluate reported issues, so those concerned about security are recommended to adopt the entire release, not just apply the patches for the CVEs. https://gitlab.freedesktop.org/xorg/xserver/-/commits/xwayland-24.1 https://gitlab.freedesktop.org/xorg/xserver/-/commits/server-21.1-branch -- -Alan Coopersmith- alan.coopersmith () oracle com X.Org Security Response Team - xorg-security () lists x org
Current thread:
- Fwd: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland Olivier Fourdan (Apr 14)
- Re: Fwd: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland Alan Coopersmith (Apr 15)
- <Possible follow-ups>
- FW: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland Peter Hutterer (Jun 01)
- Re: FW: X.Org Security Advisory: multiple security issues X.Org X server and Xwayland Peter Hutterer (Jun 04)
