The X.Org Foundation today published fixes for CVE-2017-13721 & CVE-2017-13723 as part of the xorg-server 1.19.4 release. Git commits for these vulnerabilities: https://cgit.freedesktop.org/xorg/xserver/commit/?id=b95f25af141d33a65f6f821ea9c003f66a01e1f1 https://cgit.freedesktop.org/xorg/xserver/commit/?id=94f11ca5cf011ef123bd222cabeaef6f424d76ac xorg-server 1.19.4 announcement: https://lists.x.org/archives/xorg-announce/2017-October/002808.html X.Org thanks Michal Srb of SuSE for finding these issues and bringing them to our attention, Julien Cristau of Debian for getting the fixes integrated, and Adam Jackson of Red Hat for publishing the release. -- -Alan Coopersmith- alan.coopersmith at oracle.com X.Org Security Response Team - xorg-security at lists.x.org