guix_mirror_bot pushed a commit to branch master
in repository guix.
commit 7954560698b77bc4326041993aa394240a7697f6
Author: John Kehayias <[email protected]>
AuthorDate: Fri Sep 12 00:16:06 2025 -0400
gnu: xorg-server: Update to 21.1.18 [security-fixes].
A previous version, 21.1.16, fixed the following CVEs:
CVE-2025-26594: Use-after-free of the root cursor
CVE-2025-26595: Buffer overflow in XkbVModMaskText()
CVE-2025-26596: Heap overflow in XkbWriteKeySyms()
CVE-2025-26597: Buffer overflow in XkbChangeTypesOfKey()
CVE-2025-26598: Out-of-bounds write in CreatePointerBarrierClient()
CVE-2025-26599: Use of uninitialized pointer in compRedirectWindow()
CVE-2025-26600: Use-after-free in PlayReleasedEvents()
CVE-2025-26601: Use-after-free in SyncInitTrigger()
See <https://lists.x.org/archives/xorg-announce/2025-February/003584.html>
for
more information.
* gnu/packages/xorg.scm (xorg-server): Update to 21.1.18.
(xorg-server-for-tests): Remain at 21.1.15.
Change-Id: I9160f0d55b103b806fdaee0786c4a63a2443cd24
Signed-off-by: Maxim Cournoyer <[email protected]>
---
gnu/packages/xorg.scm | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/gnu/packages/xorg.scm b/gnu/packages/xorg.scm
index e7c6b61e06..bd488ba160 100644
--- a/gnu/packages/xorg.scm
+++ b/gnu/packages/xorg.scm
@@ -5248,7 +5248,7 @@ by the Xorg server.")
(define-public xorg-server
(package
(name "xorg-server")
- (version "21.1.15")
+ (version "21.1.18")
(source
(origin
(method url-fetch)
@@ -5256,7 +5256,7 @@ by the Xorg server.")
"/xserver/xorg-server-" version ".tar.xz"))
(sha256
(base32
- "12g0g9ksswzx1kgn23gvrpa570fnpkdkmw1dfqjjg4422a884744"))
+ "0lk3268gzpll547zvaa64rdhs4z89d7w567lbd55swl71n9x2y68"))
(patches
(list
;; See:
@@ -5374,7 +5374,16 @@ draggable titlebars and borders.")
(define-public xorg-server-for-tests
(hidden-package
(package
- (inherit xorg-server))))
+ (inherit xorg-server)
+ (version "21.1.15")
+ (source
+ (origin
+ (inherit (package-source xorg-server))
+ (uri (string-append "https://xorg.freedesktop.org/archive/individual";
+ "/xserver/xorg-server-" version ".tar.xz"))
+ (sha256
+ (base32
+ "12g0g9ksswzx1kgn23gvrpa570fnpkdkmw1dfqjjg4422a884744")))))))
;;; XXX: Not really at home, but unless we break the inheritance between
;;; tigervnc-server and xorg-server, it must live here to avoid cyclic module
@@ -7142,9 +7151,8 @@ the server and cleaning up before returning the exit
status of the command.")
(license (list license:x11 ; the script
license:gpl2+)))) ; the man page
-;; This package is intended to be used when building qtbase.
-;; Note: It's currently marked as "hidden" to avoid having two non-eq?
-;; packages with the same name and version.
+;; This package is intended to be used when building qtbase, like
+;; xorg-server-for-tests.
(define-public xvfb-run-for-tests
(hidden-package
(package
