-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 20 Jun 2025 14:46:37 +0200
Source: xorg-server
Binary: xnest xnest-dbgsym xserver-xephyr xserver-xephyr-dbgsym xserver-xorg-core xserver-xorg-core-dbgsym xserver-xorg-core-udeb xserver-xorg-dev xserver-xorg-legacy xserver-xorg-legacy-dbgsym xvfb xvfb-dbgsym
Architecture: s390x
Version: 2:21.1.7-3+deb12u10
Distribution: bookworm-security
Urgency: high
Maintainer: s390x Build Daemon (zani) <buildd_s390x-zani@buildd.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Description:
 xnest      - Nested X server
 xserver-xephyr - nested X server
 xserver-xorg-core - Xorg X server - core server
 xserver-xorg-core-udeb - Xorg X server - core server (udeb)
 xserver-xorg-dev - Xorg X server - development files
 xserver-xorg-legacy - setuid root Xorg server wrapper
 xvfb       - Virtual Framebuffer 'fake' X server
Changes:
 xorg-server (2:21.1.7-3+deb12u10) bookworm-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * render: Avoid 0 or less animated cursors (CVE-2025-49175)
   * os: Do not overflow the integer size with BigRequest (CVE-2025-49176)
   * xfixes: Check request length for SetClientDisconnectMode (CVE-2025-49177)
   * os: Account for bytes to ignore when sharing input buffer (CVE-2025-49178)
   * record: Check for overflow in RecordSanityCheckRegisterClients()
     (CVE-2025-49179)
   * randr: Check for overflow in RRChangeProviderProperty() (CVE-2025-49180)
   * xfree86: Check for RandR provider functions (CVE-2025-49180)
   * os: Check for integer overflow on BigRequest length (CVE-2025-49176)
Checksums-Sha1:
 783f91c2b62fdfca3641a1569df1001d5d892d3a 2659676 xnest-dbgsym_21.1.7-3+deb12u10_s390x.deb
 9bf6d87fd536df3f7ad6302671e5af2436b3a892 2949884 xnest_21.1.7-3+deb12u10_s390x.deb
 f4b6d4252932b791aa95388a12850ddca904e897 14670 xorg-server_21.1.7-3+deb12u10_s390x-buildd.buildinfo
 988608083ae79cbbd428c531a78e580ecd2deddc 3913456 xserver-xephyr-dbgsym_21.1.7-3+deb12u10_s390x.deb
 432b70f603354a248794ff90c888be32d912bcd8 3199924 xserver-xephyr_21.1.7-3+deb12u10_s390x.deb
 c5dab9e3945665829141a6d3e480f2e81b6bdebb 5681560 xserver-xorg-core-dbgsym_21.1.7-3+deb12u10_s390x.deb
 a2a330f2369c620a87041b43a668652fb704af5e 886688 xserver-xorg-core-udeb_21.1.7-3+deb12u10_s390x.udeb
 b5e496d6de57d123cb0eb365443cc9d56176b452 3584736 xserver-xorg-core_21.1.7-3+deb12u10_s390x.deb
 78853253c87a2bb68997072a12bf734f9838c585 2554672 xserver-xorg-dev_21.1.7-3+deb12u10_s390x.deb
 541526afe2702f03736a75d6a4640e4bdd755be3 9076 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u10_s390x.deb
 3fb7382982bfa5e6e5f9dad58fc3cfe23ec28ebe 2388604 xserver-xorg-legacy_21.1.7-3+deb12u10_s390x.deb
 e575da1fbca54040f93cf818df4f24bbf760257c 3244804 xvfb-dbgsym_21.1.7-3+deb12u10_s390x.deb
 a517372c0f9ee61d209565d16812cad5d5cb6185 3075972 xvfb_21.1.7-3+deb12u10_s390x.deb
Checksums-Sha256:
 7490d07ad1d6af11656cf85d78d76903870c1bd47dc052aaca07cefb91a80d9e 2659676 xnest-dbgsym_21.1.7-3+deb12u10_s390x.deb
 6d0db77ffeef1e7c0af2d8f9ae28c76ce753ec5d415631f2fbd72ee4b7ce76ed 2949884 xnest_21.1.7-3+deb12u10_s390x.deb
 31101c3b17816a49e0a7f7caed5ae6a3fad40723d957122dd36edab8ca3cd90b 14670 xorg-server_21.1.7-3+deb12u10_s390x-buildd.buildinfo
 af724a97ef120aec21efa6ea8d9e39714ee18afec2cec9ce6db0a306d2c83ea1 3913456 xserver-xephyr-dbgsym_21.1.7-3+deb12u10_s390x.deb
 34e5e9e8aacffd76cedc4186a7fd57cc3d834f887c80ca845282ba1c77d57cee 3199924 xserver-xephyr_21.1.7-3+deb12u10_s390x.deb
 bd106fefd56493bfb7f35ff833256a366a45cae3fc6d6a2ff50cd4e34591f0b9 5681560 xserver-xorg-core-dbgsym_21.1.7-3+deb12u10_s390x.deb
 39c45d91ab1126b6660c3712c39cdfef52dbfd9c8ad90fbc99a9debd27fa85f0 886688 xserver-xorg-core-udeb_21.1.7-3+deb12u10_s390x.udeb
 b801cbaee30b478fc2de0927678f1c853f83d572ba1f8aa6eb33e0cd843ab451 3584736 xserver-xorg-core_21.1.7-3+deb12u10_s390x.deb
 d91e8dbdf839d1c0e79f8dd866b3e475a82c72c21fc53887bd4fa80f184cd384 2554672 xserver-xorg-dev_21.1.7-3+deb12u10_s390x.deb
 863f90f11fe5ba584fe350f18953d7372ac634d54a701c97a8b122407c5b58e4 9076 xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u10_s390x.deb
 15954cbe9a9e7e443c53243f42c683befeaa4003692d4ccacf6a05fa45133285 2388604 xserver-xorg-legacy_21.1.7-3+deb12u10_s390x.deb
 1902f31860dc915d294ea31eaa93b6a7e13947252df834997295e887191f7d1c 3244804 xvfb-dbgsym_21.1.7-3+deb12u10_s390x.deb
 d50e633807046864a9ec6d3eb4118f9691d8894808c3d0381158f1adc657a04f 3075972 xvfb_21.1.7-3+deb12u10_s390x.deb
Files:
 9700b3f8ae2c15c8c0235f1096a20f87 2659676 debug optional xnest-dbgsym_21.1.7-3+deb12u10_s390x.deb
 0d922df0b17c84e23f97c789249cee18 2949884 x11 optional xnest_21.1.7-3+deb12u10_s390x.deb
 bac8d161cdfbad73b51878b14047db5c 14670 x11 optional xorg-server_21.1.7-3+deb12u10_s390x-buildd.buildinfo
 d511820043b6a4428fc19532d6550b3a 3913456 debug optional xserver-xephyr-dbgsym_21.1.7-3+deb12u10_s390x.deb
 4ffd7ffc0386f6774ec60912738b2c5f 3199924 x11 optional xserver-xephyr_21.1.7-3+deb12u10_s390x.deb
 1f9683dc85be4f9b287f2f5d50f0c8da 5681560 debug optional xserver-xorg-core-dbgsym_21.1.7-3+deb12u10_s390x.deb
 c6904aa188dc8a5f983c489d3772796c 886688 debian-installer optional xserver-xorg-core-udeb_21.1.7-3+deb12u10_s390x.udeb
 847a3af0f5aba9d69495c6f0c3ab1dea 3584736 x11 optional xserver-xorg-core_21.1.7-3+deb12u10_s390x.deb
 fb378453978cf638d39ef1a79de72af9 2554672 x11 optional xserver-xorg-dev_21.1.7-3+deb12u10_s390x.deb
 5cbbe910b4c47d1b37ed9b913a585b84 9076 debug optional xserver-xorg-legacy-dbgsym_21.1.7-3+deb12u10_s390x.deb
 76a3265f339ddb708764d7c7107d9f1a 2388604 x11 optional xserver-xorg-legacy_21.1.7-3+deb12u10_s390x.deb
 d7052a9fe7f02e2732205318a1b9b738 3244804 debug optional xvfb-dbgsym_21.1.7-3+deb12u10_s390x.deb
 eedd2b9f9d25236006930dabdee8b402 3075972 x11 optional xvfb_21.1.7-3+deb12u10_s390x.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEZTC4/c20pi1/n7UBUhVQ83ojQ7QFAmhVeCYACgkQUhVQ83oj
Q7TsaBAAlSaOS7ah8Lph1r8tTuIjQnSDXMz6fg3NvhKwJs0iWRsxPk0W12u6tJhN
wnZkbEA85dxz0OvzxZVDH8Cf2zOhnZSQFpcMQy7OPmIGgh599jrUhDZPAgRr/1Rg
kWxUouhiRPG2uAzQYbUQ4n8zhVt3vzjU907yCdwLHUHTyK3CPZNHNYAyyZlys1x3
yhXclBOxX8vW/EfSzcYxBOEoBhyzLDhQ2Xt6l3+kJFES5Mw0PU34gVP0SxXdeOwL
gAn7kAfrlQ0u79dgrSggrTKGy7XhhcXaNoyvPznugPZMzKxIXNgtk87sl1w/Lg8B
85HEXykaWdhOahFFmW0bSh5fsvulic9AfhulmkRpHYIG7KR4GXmIWpXUbEcrQlXV
fBjVDrC2LcLHh6m3xnPm4N4cdPLFH72usFJMa078iuBn9kcUeaBCRssicN7R1uQa
Dvd17nPgRcegi6o22NhT6a2Cufp6kwhwC3WhS5d5AOfy0sUPre5CMF2YXWLHTovt
RzRHGc3on5XmaQhqV0i2W2pM5k/MUyVsS4Nhvymq3eX0kGXahdhTQeefKYKJmIC6
m1LLXi73wjwUCBOeOR81TH1mf8Bxtk2ygoVIobzNgbfiQPAVIHQanmQTggiczVfx
o8fbTkE2Y2jMHeuu/1q8wLUGj8GUeAKJki7O6teBRYk+2nC/5ZA=
=SAHS
-----END PGP SIGNATURE-----