[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for xorg-server issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 2 10:35:47 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
058a0a9c by Salvatore Bonaccorso at 2026-06-02T11:13:54+02:00
Add Debian bug reference for xorg-server issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -313,63 +313,63 @@ CVE-2018-25428 (Paroiciel 11.20 contains an SQL injection vulnerability that all
CVE-2018-25427 (Arm Whois 3.11 contains a stack-based buffer overflow vulnerability th ...)
TODO: check
CVE-2026-XXXX [Font Alias Stack-based Buffer Overflow]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/bb5158f962dc935e58ef8b4b5fcb31be201a6e07
CVE-2026-XXXX [XSYNC Use-After-Free in miSyncDestroyFence()]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b
CVE-2026-XXXX [XKB Key Types Stack-based Buffer Overflow]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/543e108516428fc8c3bea91d6563ad266f9a801e
CVE-2026-XXXX [XKB SetMap Request Stack-based Buffer Overflow]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/867b59b33bee669cb412f1314e47c52eacf6e00b
CVE-2026-XXXX [XSYNC Use-After-Free in FreeCounter()]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b
CVE-2026-XXXX [XSYNC Use-After-Free in SyncChangeCounter()]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/bdd7bf57af208b1ddf57d4683d67104443b44812
CVE-2026-XXXX [GLX ChangeDrawableAttributes Out-Of-Bounds Read/Write]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6d459e4daf715bea8abdafa8fb130be2f8a1d145
CVE-2026-XXXX [CreateSaverWindow Use-After-Free Information Disclosure]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/02/1
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/ecc634f1b2f7aa473d3a267eada98c4918bf9e05
CVE-2026-XXXX [DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write]
- - xorg-server <unfixed>
+ - xorg-server <unfixed> (bug #1138680)
- xwayland <unfixed>
[trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
[bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be running as root)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/058a0a9c0fd7fb7f21f520cfc589b7caf2b0c809
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/058a0a9c0fd7fb7f21f520cfc589b7caf2b0c809
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260602/dbdd7eed/attachment.htm>
More information about the debian-security-tracker-commits
mailing list