[SECURITY] [DSA 6044-1] xorg-server security update

Date: unknown

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 6044-1] xorg-server security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 29 Oct 2025 06:59:50 +0000
Message-id: <[🔎] E1vE09u-00GgZR-0b@seger.debian.org>
Reply-to: debian-security-announce-request@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-6044-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
October 29, 2025                      https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : xorg-server
CVE ID         : CVE-2025-62229 CVE-2025-62230 CVE-2025-62231

Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server,
which may result in privilege escalation if the X server is running
privileged.

For the oldstable distribution (bookworm), these problems have been fixed
in version 2:21.1.7-3+deb12u11.

For the stable distribution (trixie), these problems have been fixed in
version 2:21.1.16-1.3+deb13u1.

We recommend that you upgrade your xorg-server packages.

For the detailed security status of xorg-server please refer to its
security tracker page at:
https://security-tracker.debian.org/tracker/xorg-server

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmkBut1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0ScsA/8DdrYZ/PpQys2jZGSVVrM5h1LncM7fqa4LFr7Y3GS6qWrCZ32t0i3Qtra
pKwpiFsG4M9PckPCMEFPlworRe8ERFjTPmIgYR7mBz/UUCZ7tm29q6bvhUSeuMuQ
W/golto2RSo9yBm1mSQETMfjvl0dg7IDmPVqqu32u9zyfWmQrAGE7Ln3jqigsx5D
OFVZxLi3RJ4b+53Sbhzqqbks2ugJ0ERZIdIoPdCkJndRwprXrseOIxDEsmd5LgX8
F/ilbyYQiL00UYHMQ9C+6f4pyneEevLoq+OcHlFa+UrRdzYY/+Qnx2QeemlsO9Kp
fKjugNjEvQcXH5K4rBXnaSt1UwuDPjRkJNsaqKI7Q1WRZIaDD0AH+KmfE/sdPqR/
ukualpOXrD/3OFDgHJmnH0xW5EnSsVANgDRKZjwQ5E1UZekXZWwrjbbBXDEFX7x2
BOdfA2EmkZsjwJ5hIwYBSk4KUbdXus8qcpJrzSxX2Mm0UtAl/WE0s+Gg8AhEwZTi
nLRdQb/7ZeH6TNiSt9zpuJv3BnUGpEbyl9SNHujhpmgxGA/TnbijoxI02k2nqx/R
gvnXe/THwbqMWiALeKB47mWtgc9EPsVVh6W4lFVa+M2hQofhVQutPElARUE+aGJ4
xHWt4AqJ+SSwTRdXWOA80yUd0PVnWnkK+GAaf2YXkrqSOAmdpp0=
=MVtX
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 6043-1] gimp security update
Previous by thread: [SECURITY] [DSA 6043-1] gimp security update
Index(es):
- Date
- Thread