I'm pleased to announce the Xwayland 21.1.4 release. Notable changes since Xwayland 21.1.3 include:
Fixes for multiple input validation failures in X server extensions: * CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access * CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access * CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access * CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access This release also other fixes such as: * Store EGLcontext to avoid superfluous eglMakeCurrent() calls * Prefer EGLStream with NVIDIA proprietary driver if both GBM and EGLstream are available Michel Dänzer (1): xwayland: Store EGLContext pointer in lastGLContext Olivier Fourdan (5): xwayland/eglstream: Demote EGLstream device warning xwayland/glamor: Change errors to verbose messages xwayland/glamor: Log backend selected for debug xwayland/eglstream: Prefer EGLstream if available Bump version to 21.1.4 Povilas Kanapickas (4): record: Fix out of bounds access in SwapCreateRegister() xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier() Xext: Fix out of bounds access in SProcScreenSaverSuspend() render: Fix out of bounds access in SProcRenderCompositeGlyphs() git tag: xwayland-21.1.4 https://xorg.freedesktop.org/archive/individual/xserver/xwayland-21.1.4.tar.xz SHA256: 19f6795f31cfa8eb352b1e5b3c379f22ee6020e98701ff2cc679da8c4f1159f7 xwayland-21.1.4.tar.xz SHA512: 54e18565b4c2514534501ddcc76058d6911cf0c2185cddf5c54833d317f51ba8eb8934bd9be269518ece05f3bc8cda81600b25871c61437c923eba916eccc525 xwayland-21.1.4.tar.xz PGP: https://xorg.freedesktop.org/archive/individual/xserver/xwayland-21.1.4.tar.xz.sig
OpenPGP_signature
Description: OpenPGP digital signature