Hello,
Today XOrg Server 21.1.17 and XWayland 24.1.7 have been released to address some vulnerabilities (https://www.gamingonlinux.com/2025/06/multiple-security-issues-in-the-x-org-x-server-and-xwayland-disclosed-new-versions-released/)
Official advisory: https://lists.x.org/archives/xorg-announce/2025-June/003608.html
Would it take long to have the new versions built and released on the official channels ?
Thank you in advance !
Best regards;,
SoftExpert
Reading the list, it seems items barely deserve to be called CVE? Of course update is welcome but unless I missed something it is not very scary.
Both pkg's are available for testing.
artist
You missed some study of the classics:
https://phrack.org/issues/49/14
If you can generate a buffer overflow and can affect the bytes that make that up and can calculate the way the existing bytes are placed in the memory you can potentially then break out of the normal operation of the program and make it do anything you want. :o