This release contains the fixes for the issues reported in today's security advisory: https://lists.x.org/archives/xorg-announce/2025-February/003584.html
* CVE-2025-26594
* CVE-2025-26595
* CVE-2025-26596
* CVE-2025-26597
* CVE-2025-26598
* CVE-2025-26599
* CVE-2025-26600
* CVE-2025-26601
Additionally, it reverts a recent Xkb change to fix an issue with
gamescope.
Olivier Fourdan (15):
Revert "xwayland: Don't run key behaviors and actions"
test: Fix xsync test
Cursor: Refuse to free the root cursor
xkb: Fix buffer overflow in XkbVModMaskText()
xkb: Fix computation of XkbSizeKeySyms
xkb: Fix buffer overflow in XkbChangeTypesOfKey()
Xi: Fix barrier device search
composite: Handle failure to redirect in compRedirectWindow()
composite: initialize border clip even when pixmap alloc fails
dix: Dequeue pending events on frozen device on removal
sync: Do not let sync objects uninitialized
sync: Check values before applying changes
sync: Do not fail SyncAddTriggerToSyncObject()
sync: Apply changes last in SyncChangeAlarmAttributes()
Bump version to 24.1.6
Peter Hutterer (1):
dix: keep a ref to the rootCursor
git tag: xwayland-24.1.6
https://xorg.freedesktop.org/archive/individual/xserver/xwayland-24.1.6.tar.xz
SHA256: 737e612ca36bbdf415a911644eb7592cf9389846847b47fa46dc705bd754d2d7
xwayland-24.1.6.tar.xz
SHA512:
b6dcc87f5c4d880cb23216518171a704c2a501803ac2efd9d01760895d755a617cd82313c6516f27a888b0581c64d74e3f8db5c238e1ae0d13da6cc1a547c02f
xwayland-24.1.6.tar.xz
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xwayland-24.1.6.tar.xz.sig
OpenPGP_0x14706DBE1E4B4540.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
