Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b67cd4fa by Salvatore Bonaccorso at 2026-07-08T08:25:31+02:00
Add new xorg-server issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10,6 +10,20 @@ CVE-2026-56001 [BitmapScaleBitmaps Integer Overflow Heap 
Buffer Overflow]
        - libxfont <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2026/07/08/1
        NOTE: Fixed by: 
https://gitlab.freedesktop.org/xorg/lib/libxfont/-/commit/be0b08e2d354138d3222b4490e2a77c6ee42f778
 (libXfont2-2.0.8)
+CVE-2026-56000 [GLX contextTags Use-After-Free in CommonMakeCurrent()]
+       - xorg-server <unfixed>
+       - xwayland <unfixed>
+       [trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be 
running as root)
+       [bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be 
running as root)
+       NOTE: https://www.openwall.com/lists/oss-security/2026/07/08/2
+       NOTE: Fixed by: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/2779affbdb4354e894f490e56f962527d6125043
+CVE-2026-55999 [glamor Font Atlas Heap Buffer Overflow]
+       - xorg-server <unfixed>
+       - xwayland <unfixed>
+       [trixie] - xwayland <ignored> (Minor issue; Xwayland shouldn't be 
running as root)
+       [bookworm] - xwayland <ignored> (Minor issue; Xwayland shouldn't be 
running as root)
+       NOTE: https://www.openwall.com/lists/oss-security/2026/07/08/2
+       NOTE: Fixed by: 
https://gitlab.freedesktop.org/xorg/xserver/-/commit/fbf7bac22e2c6bd627fb042742a23318263edae1
 CVE-2026-14895
        - libstring-util-perl <unfixed>
        [trixie] - libstring-util-perl <no-dsa> (Minor issue; will be fixed via 
point release)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b67cd4fa0d72182b8323a9969a26269a57f72129

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b67cd4fa0d72182b8323a9969a26269a57f72129
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to