This release contains the fixes for the issues reported in today's security advisory: https://lists.x.org/archives/xorg-announce/2025-October/003635.html
* CVE-2025-62229
* CVE-2025-62230
* CVE-2025-62231
Additionally, it contains a number of additional fixes:
Alan Coopersmith (21):
os: Use EVP APIs when building with OpenSSL 3
meson: fix build if shmfence is enabled but dri3 & xwayland are not
Xext/shm: avoid null dereference in ShmInitScreenPriv()
Xext/sync: avoid null dereference if SysCounterGetPrivate() returns NULL
Xext/sync: avoid null dereference in init_system_idle_counter()
Xext/sync: Avoid dereference of invalid pointer if malloc() failed
Xext/vidmode: avoid null dereference if VidModeCreateMode() allocation
fails
Xext/xres: avoid null dereference in ProcXResQueryClients()
Xext/xselinux: add fast path to ProcSELinuxListSelections()
Xext/xselinux: avoid memory leak in SELinuxAtomToSID()
Xext/xtest: avoid null dereference in ProcXTestFakeInput()
Xi: avoid null dereference if wOtherInputMasks() returns NULL
Xi: set value for led_values in CopySwapKbdFeedback()
Xi: handle allocation failure in ProcXGetDeviceDontPropagateList()
Xi: handle allocation failure in ProcXListInputDevices()
Xi: handle allocation failure in add_master_func()
dix: handle allocation failure in DeviceFocusEvent()
dix: avoid null dereference if wOtherInputMasks() returns NULL
dix: assert that size of buffers to swap is a multiple of the swap size
dix: handle allocation failure in ChangeWindowDeviceCursor()
dix: avoid memory leak in ProcListProperties()
Ian Forbes (1):
xwayland: Try harder to find a top-level for root grabs
Icenowy Zheng (1):
glamor: Fix dual blend on GLES3
Julian Orth (1):
xwayland: Don't run key behaviors and actions
Michel Dänzer (3):
xwayland: Take viewport scale into account for the input region
xwayland: Add heuristic for WM windows based on reparenting
xwayland: Ignore non-InputOutput children in window_get_client_toplevel
Mikhail Dmitrichenko (3):
xwayland: Fix search of duplicate lease names
os: avoid potential out-of-bounds access at logVHdrMessageVerb
dix: avoid null ptr deref at doListFontsWithInfo
Nicolas Guichard (1):
xwayland: Fix minimum wl_compositor protocol version
Olivier Fourdan (7):
randr: Do not leak the provider property
Revert "xwayland: Don't run key behaviors and actions"
present: Fix use-after-free in present_create_notifies()
xkb: Make the RT_XKBCLIENT resource private
xkb: Free the XKB resource when freeing XkbInterest
xkb: Prevent overflow in XkbSetCompatMap()
Bump version to 24.1.9
Vlad Zahorodnii (1):
xwayland: Dispatch tablet tool tip events after frame events
git tag: xwayland-24.1.9
https://xorg.freedesktop.org/archive/individual/xserver/xwayland-24.1.9.tar.xz
SHA256: f297af27a84508db9b80d1cbbcc69c3801da38eb64c72f3b5b50f582459afdd0
xwayland-24.1.9.tar.xz
SHA512:
7438a572651dc77c1fd749879abccdc9a245c7b75143668d5561a8e99d41063f042a8eb3f9b931a2a12be1fc3cb9d197eee6794d0702a19e56c20f55acb35a26
xwayland-24.1.9.tar.xz
PGP:
https://xorg.freedesktop.org/archive/individual/xserver/xwayland-24.1.9.tar.xz.sig
OpenPGP_0x14706DBE1E4B4540.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
