This release addresses the following 4 security issues:
* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31082
* CVE-2024-31083
Additionally it provides a way to disable byte-swapped clients either by
command line flag or config option. This allows to turn off byte swapping
code that has been a source of security problems lately.
Alan Coopersmith (4):
Xext: SProcSyncCreateFence needs to swap drawable id too
Xi: ProcXIGetSelectedEvents needs to use unswapped length to send reply
Xi: ProcXIPassiveGrabDevice needs to use unswapped length to send reply
Xquartz: ProcAppleDRICreatePixmap needs to use unswapped length to send
reply
Matthieu Herrb (1):
Initialize Mode->name in xf86CVTMode()
Peter Hutterer (2):
Allow disabling byte-swapped clients
render: fix refcounting of glyphs during ProcRenderAddGlyphs
Povilas Kanapickas (2):
dix: Fix use after free in input device shutdown
xserver 21.1.12
Yusuf Khan (1):
hw/xfree86: fix NULL pointer refrence to mode name
git tag:
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-21.1.12.tar.gz
SHA256: f76a5878b0e6d16415cf0cd24ffc21090845fef3bc4ada45e57ea86b6c8fb75b
xorg-server-21.1.12.tar.gz
SHA512:
008bc195ecfa43af5cda20f3b8fb3956f028e6b0307ca94e85d326f6dc87b354428923e5d137365814cc874d06421c9b15957c26f07d268c238cb4c35e7e0a5e
xorg-server-21.1.12.tar.gz
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-21.1.12.tar.gz.sig
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-21.1.12.tar.xz
SHA256: 1e016e2be1b5ccdd65eac3ea08e54bd13ce8f4f6c3fb32ad6fdac4e71729a90f
xorg-server-21.1.12.tar.xz
SHA512:
4c58bd5619be87dc52318c3719e8a05803835a96500bbd207b9fc056846f4473773a5dcb7ae96d8fdd3c9fe320f94e0136c8e8b2fc42a2064a947f5d48861054
xorg-server-21.1.12.tar.xz
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xorg-server-21.1.12.tar.xz.sig