X.Org Server & XWayland Updated Due To Another Six Security Vulnerabilities

Written by Michael Larabel in X.Org on 16 January 2024 at 05:56 AM EST. 76 Comments
X.ORG
It was in 2013 a security researcher called the X.Org Server security state "worse than it looks" and quite a disaster from the security/bug perspective for the aging codebase. A decade later there's still no shortage of security vulnerabilities being uncovered within the X.Org Server.

For kicking off 2024, another six security vulnerabilities within the X.Org Server -- and XWayland too -- were uncovered. This mix of 2023 and 2024 CVEs include heap buffer overflows, out-of-bounds memory accesses, and SELinux context corruption, among others.

The six new X.Org Server security vulnerabilities are noted via this announcement.

As a result X.Org Server 21.1.11 and XWayland 23.2.4 were released to deliver these security fixes.
76 Comments
Related News
xcompmgr 1.1.10 Released For Classic "Eye Candy" Compositor On X.Org
Local Privilege Escalation Vulnerability Affecting X.Org Server For 18 Years
It's Taken Until 2024 To Add FreeBSD To X.Org Continuous Integration Testing
libX11 1.8.10 Brings Memory Safety Fixes
X.Org Testing Ground Expands Its Scope To Illumos/OpenIndiana
X.Org Server Patches Look To Cleanup VRR Handling, Make It Xinerama-Aware
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
Vulkan Video Now Enabled By Default For Radeon VCN2/VCN3 Hardware On Linux
Rustls Multi-Threaded Performance Is Battering OpenSSL
Fedora 42 Aims To Enhance The Windows Subsystem For Linux Experience
KDE Starts December By Landing A Number Of New Features