This bug was fixed in the package xorg-server - 2:21.1.7-3ubuntu2.7
---------------
xorg-server (2:21.1.7-3ubuntu2.7) mantic-security; urgency=medium
* SECURITY REGRESSION: memory leak due to incomplete fix (LP: #2051536)
- debian/patches/CVE-2024-21886-3.patch: fix use after free in input
device shutdown in dix/devices.c.
-- Marc Deslauriers <[email protected]> Mon, 29 Jan 2024
07:40:13 -0500
** Changed in: xorg-server (Ubuntu Jammy)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg-server in Ubuntu.
https://bugs.launchpad.net/bugs/2051536
Title:
security update regression tracking bug
Status in xorg-server package in Ubuntu:
Fix Released
Status in xwayland package in Ubuntu:
Fix Released
Status in xorg-server source package in Focal:
Fix Released
Status in xwayland source package in Focal:
Invalid
Status in xorg-server source package in Jammy:
Fix Released
Status in xwayland source package in Jammy:
Fix Released
Status in xorg-server source package in Mantic:
Fix Released
Status in xwayland source package in Mantic:
Fix Released
Status in xorg-server source package in Noble:
Fix Released
Status in xwayland source package in Noble:
Fix Released
Bug description:
USN-6587-1 fixed security issues in X.Org. A commit was missing which
may result in a regression (memory leak).
See:
https://bugs.debian.org/1061110
https://gitlab.freedesktop.org/xorg/xserver/-/issues/1623
https://gitlab.freedesktop.org/xorg/xserver/-/commit/8b75ec34dfbe435cd3a17e64138e22a37395a6d8
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2051536/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
