The CVEs have been fixed in a security upload https://launchpad.net/ubuntu/+source/libxkbcommon/0.8.0-1ubuntu0.1
** Changed in: libxkbcommon (Ubuntu Bionic) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu-X, which is subscribed to libxkbcommon in Ubuntu. https://bugs.launchpad.net/bugs/1794690 Title: Backport 0.8.2 for a CVE update To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libxkbcommon/+bug/1794690/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~ubuntu-x-swat Post to : ubuntu-x-swat@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-x-swat More help : https://help.launchpad.net/ListHelp