-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 04 Apr 2024 15:13:36 +0200
Source: xorg-server
Binary: xorg-server-source xserver-common
Architecture: all
Version: 2:1.20.11-1+deb11u12
Distribution: bullseye-security
Urgency: high
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description:
 xorg-server-source - Xorg X server - source files
 xserver-common - common files used by various X servers
Changes:
 xorg-server (2:1.20.11-1+deb11u12) bullseye-security; urgency=high
 .
   * CVE-2024-31080: Heap buffer overread/data leakage in ProcXIGetSelectedEvents
   * CVE-2024-31081: Heap buffer overread/data leakage in ProcXIPassiveGrabDevice
   * CVE-2024-31082: Heap buffer overread/data leakage in ProcAppleDRICreatePixmap
   * CVE-2024-31083: User-after-free in ProcRenderAddGlyphs
Checksums-Sha1:
 a2eade0978c225b49b990e404a422b4cb1afdb13 7486448 xorg-server-source_1.20.11-1+deb11u12_all.deb
 a1074767e435aab148e550baf017a39f595691e8 11944 xorg-server_1.20.11-1+deb11u12_all-buildd.buildinfo
 2a4551a0a5ba7b79a72207fdccefb83c62c3e3ef 2284640 xserver-common_1.20.11-1+deb11u12_all.deb
Checksums-Sha256:
 1aaa826fc87da1c41a0da25b070feb2851f59dc0c44a7b9260709ad12fce8434 7486448 xorg-server-source_1.20.11-1+deb11u12_all.deb
 aaa864f2d96262ddc16e45d763d5bd67bd68321f26ea9b4fd7d88623f8153d09 11944 xorg-server_1.20.11-1+deb11u12_all-buildd.buildinfo
 7eec7486e515b86443d76d9d10a096665cc46abdb032213df0270521eceb7eda 2284640 xserver-common_1.20.11-1+deb11u12_all.deb
Files:
 dff17e034547d0a4ec4f73c9c7452e8f 7486448 x11 optional xorg-server-source_1.20.11-1+deb11u12_all.deb
 a75550996b074a93a11c845ebf412c57 11944 x11 optional xorg-server_1.20.11-1+deb11u12_all-buildd.buildinfo
 c8476a7b5d4ca41089acdfa0823b9fd0 2284640 x11 optional xserver-common_1.20.11-1+deb11u12_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzcbx6nIE/ydHa1FFigL77i1GSVkFAmYOsHUACgkQigL77i1G
SVk6SA/+K/mhhHEJr7Dhkv3YBwF4wirU1bJfOeSW827XytN8TuYTJQPpx9yK2eZq
c+IOa2w1fepSGcTZnPoGXdYfy6WQR7P0Hxo62xg/9NwQ8FGCBI5IO8dfc3i4ASTj
VE4HsdVlwDd07vc8tToh/Y1iTc4omn7iNkfH1C5MdNhy0jWirwMFzwry1HxOESC4
3q2jMct2h5icaUqv+OZnvwX5t8XFA1UWXPthoO2zjfBVJldd5jxxf3KdEV6wQi1x
zJVe1KhnpQ590KSxl3u/FDIE3ZHmWYGZJPTjwSzCsM3KkEeejCbJ55v+7DoHLKTi
NNpuVytDEDOTiDG79Wd8bQgCPIxy5etMD6VWafAf+3QcLyCSx+mAByd0NCNjdFDR
uejCx7TcrR8obof2h5/3alGPrNVJDcJeM1Pm1grpqvJ2bfmt4flw6ReHS74W4dS4
3wV7GfUztRBsyRgkCiEYFp+D+gry4r6hb0JU4/ey1SmcyBzgQAzw2/lKIdm/2jnk
yavQ27WAmUiyZP//AXWN2utFbVlbt+O1JVqrOmG3BClN0IbI3c+W79q16v9Ljm+h
qugbqFM7IgPbP/JTf70Gy/aBSU4sl70kaXRMwJx8ot4YP7f0l0UDPxFfomCtwsBv
Nn+6GgXcU/54vyNJIuxxOec9aWg3P/bE5kdU7nRIzv5Iyr62uy8=
=vPnU
-----END PGP SIGNATURE-----