I'm pleased to announce the Xwayland 21.1.4 release. Notable changes since Xwayland 21.1.3 include:
Fixes for multiple input validation failures in X server extensions:
* CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds
access
* CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier
out-of-bounds access
* CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access
* CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access
This release also other fixes such as:
* Store EGLcontext to avoid superfluous eglMakeCurrent() calls
* Prefer EGLStream with NVIDIA proprietary driver if both GBM and EGLstream are
available
Michel Dänzer (1):
xwayland: Store EGLContext pointer in lastGLContext
Olivier Fourdan (5):
xwayland/eglstream: Demote EGLstream device warning
xwayland/glamor: Change errors to verbose messages
xwayland/glamor: Log backend selected for debug
xwayland/eglstream: Prefer EGLstream if available
Bump version to 21.1.4
Povilas Kanapickas (4):
record: Fix out of bounds access in SwapCreateRegister()
xfixes: Fix out of bounds access in *ProcXFixesCreatePointerBarrier()
Xext: Fix out of bounds access in SProcScreenSaverSuspend()
render: Fix out of bounds access in SProcRenderCompositeGlyphs()
git tag: xwayland-21.1.4
https://xorg.freedesktop.org/archive/individual/xserver/xwayland-21.1.4.tar.xz
SHA256: 19f6795f31cfa8eb352b1e5b3c379f22ee6020e98701ff2cc679da8c4f1159f7
xwayland-21.1.4.tar.xz
SHA512:
54e18565b4c2514534501ddcc76058d6911cf0c2185cddf5c54833d317f51ba8eb8934bd9be269518ece05f3bc8cda81600b25871c61437c923eba916eccc525
xwayland-21.1.4.tar.xz
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xwayland-21.1.4.tar.xz.sig
OpenPGP_signature
Description: OpenPGP digital signature
