[ANNOUNCE] xwayland 24.1.7

Olivier Fourdan ofourdan at redhat.com
Tue Jun 17 14:17:00 UTC 2025 

This release contains the fixes for the issues reported in today's security
advisory: https://lists.x.org/archives/xorg/2025-June/062055.html

   * CVE-2025-49175
   * CVE-2025-49176
   * CVE-2025-49177
   * CVE-2025-49178
   * CVE-2025-49179
   * CVE-2025-49180

Additionally, this release includes several other various fixes.

Alan Coopersmith (5):
       xkb: ensure XkbAllocNames sets num_rg to 0 on allocation failure
       xkb: Convert more sprintf calls to snprintf in xkbtext.c
       xkb: Add tbGetBufferString helper function
       pkgconfig files: Add URL
       dix-config.h: define HAVE_STRUCT_SOCKADDR_STORAGE for xtrans 1.6

José Expósito (1):
       xkb: Check that needed is > 0 in XkbResizeKeyActions

Martin Burggraf (1):
       xkb: correcting mathematical nonsense in XkbGeomFPText

Olivier Fourdan (7):
       render: Avoid 0 or less animated cursors
       os: Do not overflow the integer size with BigRequest
       xfixes: Check request length for SetClientDisconnectMode
       os: Account for bytes to ignore when sharing input buffer
       record: Check for overflow in RecordSanityCheckRegisterClients()
       randr: Check for overflow in RRChangeProviderProperty()
       Bump version to 24.1.7

Peter Hutterer (5):
       mi: don't crash on miPointerGetPosition for disabled devices
       mi: guard miPointer functions against NULL dereferences
       Xi: disallow grabbing disabled devices
       dix: fix erroneous BUG_RETURN check
       dix: pick the right keyboard for focus FollowKeyboard

git tag: xwayland-24.1.7

https://xorg.freedesktop.org/archive/individual/xserver/xwayland-24.1.7.tar.xz
SHA256: f7d97e248092878a3f7d3c68b25dab652bf970d9e6a17d30fbf457aaea139ccb  xwayland-24.1.7.tar.xz
SHA512: b5c5d39619743bff328c178a7496f04e17b527d3d7d6f6f54b0d2804fed54dbae16b76eb8f3921ca2557fa50b85601e40f8a2c809dc3c1e896cc1c662f91e013  xwayland-24.1.7.tar.xz
PGP:  https://xorg.freedesktop.org/archive/individual/xserver/xwayland-24.1.7.tar.xz.sig
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x14706DBE1E4B4540.asc
Type: application/pgp-keys
Size: 2988 bytes
Desc: OpenPGP public key
URL: <https://lists.x.org/archives/xorg-announce/attachments/20250617/e38b110c/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <https://lists.x.org/archives/xorg-announce/attachments/20250617/e38b110c/attachment-0001.sig>

More information about the xorg-announce mailing list