-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 20 Jun 2025 14:46:37 +0200
Source: xorg-server
Binary: xnest xnest-dbgsym xserver-xephyr xserver-xephyr-dbgsym xserver-xorg-core xserver-xorg-core-dbgsym xserver-xorg-core-udeb xserver-xorg-dev xserver-xorg-legacy xserver-xorg-legacy-dbgsym xvfb xvfb-dbgsym
Architecture: armhf
Version: 2:21.1.7-3+deb12u10
Distribution: bookworm-security
Urgency: high
Maintainer: arm Build Daemon (arm-conova-04) <buildd_arm64-arm-conova-04@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 xnest      - Nested X server
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
Changes:
 xorg-server (2:21.1.7-3+deb12u10) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * render: Avoid 0 or less animated cursors (CVE-2025-49175)
   * os: Do not overflow the integer size with BigRequest (CVE-2025-49176)
   * xfixes: Check request length for SetClientDisconnectMode (CVE-2025-49177)
   * os: Account for bytes to ignore when sharing input buffer (CVE-2025-49178)
   * record: Check for overflow in RecordSanityCheckRegisterClients()
     (CVE-2025-49179)
   * randr: Check for overflow in RRChangeProviderProperty() (CVE-2025-49180)
   * xfree86: Check for RandR provider functions (CVE-2025-49180)
   * os: Check for integer overflow on BigRequest length (CVE-2025-49176)
Checksums-Sha1:
 2499e6e35a3222cbd5ac0c52df8016cce72c9d78 2643096 xnest-dbgsym_21.1.7-3+deb12u10_armhf.deb
 37c2b0f58c11dbd753ba75cf304e6172cdccdfba 2905828 xnest_21.1.7-3+deb12u10_armhf.deb
 0210c6a3f79d35efba3c1d0ad0f80a229e5ffa6a 14876 xorg-server_21.1.7-3+deb12u10_armhf-buildd.buildinfo
 87a0d681801404b707796c80de8ac042b6b74abd 3878044 xserver-xephyr-dbgsym_21.1.7-3+deb12u10_armhf.deb
 0d348302293e651af79bca974ff5967c97cd31db 3126812 xserver-xephyr_21.1.7-3+deb12u10_armhf.deb
 1e13d69042e864db795e414ec69a108b5929ee8b 5665852 xserver-xorg-core-dbgsym_21.1.7-3+deb12u10_armhf.deb
 50cfbda3f865c4a74a3e950437b22e5c9ad98633 807940 xserver-xorg-core-udeb_21.1.7-3+deb12u10_armhf.udeb
 bab198e7af50a5d059e328135603a16fb76d7458 3477796 xserver-xorg-core_21.1.7-3+deb12u10_armhf.deb
 d92d6aa269d4236d5afc1265f8c7e87e9912951f 2554676 xserver-xorg-dev_21.1.7-3+deb12u10_armhf.deb
 b248eac1139f0b3a0751424b7763bdabf48acd5e 9572 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u10_armhf.deb
 064ec36f0e0abb4f0b820af192102f0a393baa61 2388548 xserver-xorg-legacy_21.1.7-3+deb12u10_armhf.deb
 ac3ebd4468336ef31538a85e8dcb07658369a21b 3205220 xvfb-dbgsym_21.1.7-3+deb12u10_armhf.deb
 756bbe711bb60a64c946d4d0a1f17aab97dbda93 3011620 xvfb_21.1.7-3+deb12u10_armhf.deb
Checksums-Sha256:
 aa80c6d5b701983456961981db262b54a88d291212538abf4dea9a0e96b7d5c3 2643096 xnest-dbgsym_21.1.7-3+deb12u10_armhf.deb
 b8e33c8b188a84c28f5242825387aecfe56582bc691321202dad98a7a9ecd916 2905828 xnest_21.1.7-3+deb12u10_armhf.deb
 a1918597858e5372365c8e4a5a995157e8ca3f8fe75ccecf2b283f55519e3d45 14876 xorg-server_21.1.7-3+deb12u10_armhf-buildd.buildinfo
 3d5aac5faa69e51c8fe33e6554b86d11b44c62d6a693ac61150ca6d871dec8cc 3878044 xserver-xephyr-dbgsym_21.1.7-3+deb12u10_armhf.deb
 ec430585d440f4d38f6c30c3fe889f4f59800ac2c3cc6cfeda90212b4b739293 3126812 xserver-xephyr_21.1.7-3+deb12u10_armhf.deb
 13808d4cf1dd9df20d5970f60b1c1cab291df521cf37ade606c94c68b90f80f6 5665852 xserver-xorg-core-dbgsym_21.1.7-3+deb12u10_armhf.deb
 e7cc046a3565f91fd6c5426df39faf4ede41eb134afb2f77e44f7eaebcb46e2a 807940 xserver-xorg-core-udeb_21.1.7-3+deb12u10_armhf.udeb
 93088b2dadb5d97d5caf45a23fea8484a8117d59e7ca4cd496f5fcca272d3808 3477796 xserver-xorg-core_21.1.7-3+deb12u10_armhf.deb
 7daa80dbfc2dd5e0142ffdb8d5bb0cbe5fff966a9c613e25999fa7a3c3bf5979 2554676 xserver-xorg-dev_21.1.7-3+deb12u10_armhf.deb
 0d278495ab0b16b1ed53e3e9c4204bd1ec2d74512e5badc6c6cb005142a8ea68 9572 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u10_armhf.deb
 d0cc3e9aafeb951dc94406f1d8d88a9c2deae34467c5ccb62003d60e6eaf26e2 2388548 xserver-xorg-legacy_21.1.7-3+deb12u10_armhf.deb
 9d00462d343a978d5b47cdceb2cd20da182662a3d6011356160da6e215d711a9 3205220 xvfb-dbgsym_21.1.7-3+deb12u10_armhf.deb
 9e91d0242005a8291310ffe4f60918fbbe6618b4df3eaf34f71ed654838bd733 3011620 xvfb_21.1.7-3+deb12u10_armhf.deb
Files:
 d51829bb73cd92194612473a6c3eb8a0 2643096 debug optional xnest-dbgsym_21.1.7-3+deb12u10_armhf.deb
 a597df89667820fcc028966fd5405981 2905828 x11 optional xnest_21.1.7-3+deb12u10_armhf.deb
 3d380feac8bb5912099f82ae8383f834 14876 x11 optional xorg-server_21.1.7-3+deb12u10_armhf-buildd.buildinfo
 f1987e23b1a92a4d02bfaf3a038e0965 3878044 debug optional xserver-xephyr-dbgsym_21.1.7-3+deb12u10_armhf.deb
 5a58db41cc326c6b5f6e326f546e9ff4 3126812 x11 optional xserver-xephyr_21.1.7-3+deb12u10_armhf.deb
 98b9d28abaa1ab3b5f3a9a35be23fa19 5665852 debug optional xserver-xorg-core-dbgsym_21.1.7-3+deb12u10_armhf.deb
 157e00d6f7f91aa905696e6d5f24018c 807940 debian-installer optional xserver-xorg-core-udeb_21.1.7-3+deb12u10_armhf.udeb
 fd8855e6cc1776069e49654b9359143b 3477796 x11 optional xserver-xorg-core_21.1.7-3+deb12u10_armhf.deb
 39e7a830eb207c28a608091f5d7b7be5 2554676 x11 optional xserver-xorg-dev_21.1.7-3+deb12u10_armhf.deb
 7d987651eba7ff53984d0e936357a741 9572 debug optional xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u10_armhf.deb
 0194249a04c20c8fbcd6701f747fd2e9 2388548 x11 optional xserver-xorg-legacy_21.1.7-3+deb12u10_armhf.deb
 c2513d90b186709f63f203696ce4d7c4 3205220 debug optional xvfb-dbgsym_21.1.7-3+deb12u10_armhf.deb
 37de0dca74b667e61a1b7f37b7d9e588 3011620 x11 optional xvfb_21.1.7-3+deb12u10_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEvEwFZ4bqkVI+Rh6t+N4VxR6LZYEFAmhVeGEACgkQ+N4VxR6L
ZYFR2g//WljWZI5f9HVcboSq3GYnanyFQsb8Ws1NGB9AUkF3KkV8sEYCvFN3DOw7
SlYvyr5hdB3OqRe1UKoZIw4FsIzR5i0Ya+MjGIv1dxE50/4GcYBHiTo8IR+67IBw
8tPSE6ZR9+Bmn/bGynHAUuNCEI/Uo4y046f4A8eO6w0G1z4zqjdxXfIg5kPI8yFd
hHVS9uOQZeHKNQR2zzmqsTxFGnLh8dyLksodoedVilv0Mrw6cqEPS/N0A0lB11Up
o9Cn917IcmWnNrZZxrq6rdBBBGUbcVX3hRfPRt5sk0zNjRSLhdCEk11Ik5Oe9frg
IF96DolODvccSJnsNHWRtcUzZUoGdDciF9oks0hC7QuLxFmJchYXncLSxVV+Lvtd
OliA2GEQ5sEFsAWmN8oqb6QBvkTpSICN0BlObZU1ymmY5qery0MAOKD4ZkNRzHXc
nJE6YxR5qHuEPFNM+TH2PWPz0KhzKxcKQTg52Z/H40kexl6lEhZndwcDD6FbzGQZ
pcCma+UCaxExDCuaXWrv9RL2B7zEcGbk0jEGgtcWJtroo67MA7nfL3XhmwbvJEIs
ZQ5tVApcJOidm3StZDYu4x/6sxBFi9IvNwtpKDwKQ/74ECixgjifbc7rCVqKPfvZ
MDk8Oon9veUFUe7fy7xQ7s7dtFNF5PC7EE2DicpjCZaG+K+m+Uw=
=Dgmw
-----END PGP SIGNATURE-----