--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-5af98298c7
2024-04-24 01:16:44.599297
--------------------------------------------------------------------------------
Name : xorg-x11-server-Xwayland
Product : Fedora 39
Version : 23.2.6
Release : 1.fc39
URL :
http://www.x.org
Summary : Xwayland
Description :
Xwayland is an X server for running X clients under Wayland.
--------------------------------------------------------------------------------
Update Information:
xwayland 23.2.6 - CVE fix for CVE-2024-31080, CVE-2024-31081, CVE-2024-31083
--------------------------------------------------------------------------------
ChangeLog:
* Tue Apr 9 2024 Olivier Fourdan <ofourdan(a)redhat.com> - 23.2.6-1
- xwayland 23.2.6 - (#2273002)
* Wed Apr 3 2024 Jos�� Exp��sito <jexposit(a)redhat.com> - 23.2.5-1
- CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and
CVE-2024-31083
* Mon Jan 29 2024 Florian Weimer <fweimer(a)redhat.com> - 23.2.4-3
- Fix C compatibility issue on i686
* Sat Jan 27 2024 Fedora Release Engineering <releng(a)fedoraproject.org> - 23.2.4-2
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #2271997 - CVE-2024-31080 xorg-x11-server: Heap buffer overread/data leakage
in ProcXIGetSelectedEvents
https://bugzilla.redhat.com/show_bug.cgi?id=2271997
[ 2 ] Bug #2271998 - CVE-2024-31081 xorg-x11-server: Heap buffer overread/data leakage
in ProcXIPassiveGrabDevice
https://bugzilla.redhat.com/show_bug.cgi?id=2271998
[ 3 ] Bug #2272000 - CVE-2024-31083 xorg-x11-server: User-after-free in
ProcRenderAddGlyphs
https://bugzilla.redhat.com/show_bug.cgi?id=2272000
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-5af98298c7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------