Ross Burton d4067f5835 xwayland: fix CVE-2025-62229 CVE-2025-62230 CVE-2025-62231 ... >From https://lists.x.org/archives/xorg-announce/2025-October/003635.html: 1) CVE-2025-62229: Use-after-free in XPresentNotify structures creation Using the X11 Present extension, when processing and adding the notifications after presenting a pixmap, if an error occurs, a dangling pointer may be left in the error code path of the function causing a use-after-free when eventually destroying the notification structures later. Introduced in: Xorg 1.15 Fixed in: xorg-server-21.1.19 and xwayland-24.1.9 Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/5a4286b1 Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative. 2) CVE-2025-62230: Use-after-free in Xkb client resource removal When removing the Xkb resources for a client, the function XkbRemoveResourceClient() will free the XkbInterest data associated with the device, but not the resource associated with it. As a result, when the client terminates, the resource delete function triggers a use-after-free. Introduced in: X11R6 Fixed in: xorg-server-21.1.19 and xwayland-24.1.9 Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/99790a2c https://gitlab.freedesktop.org/xorg/xserver/-/commit/10c94238 Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative. 3) CVE-2025-62231: Value overflow in Xkb extension XkbSetCompatMap() The XkbCompatMap structure stores some of its values using an unsigned short, but fails to check whether the sum of the input data might overflow the maximum unsigned short value. Introduced in: X11R6 Fixed in: xorg-server-21.1.19 and xwayland-24.1.9 Fix: https://gitlab.freedesktop.org/xorg/xserver/-/commit/475d9f49 Found by: Jan-Niklas Sohn working with Trend Micro Zero Day Initiative. (From OE-Core rev: f3b5fc0174478e1ab6d3d03c8fdc75be28d0fd3b) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>		2025-11-06 15:09:32 +00:00
..
classes	classes/toolchain/clang: Add placeholder for dynamic linker in cross-canadian packages	2025-10-30 11:06:28 +00:00
classes-global	classes/base: prefer gnu-prefixed HOSTTOOLS	2025-11-03 17:40:41 +00:00
classes-recipe	rootfs-postcommands.bbclass: add a note to the login banner when root-with-empty-password logins are enabled	2025-11-03 17:40:41 +00:00
conf	fragments: add a 'root-login-with-empty-password' fragment	2025-11-03 17:40:41 +00:00
files	oe-setup-layers: make "path" optional	2025-11-03 17:40:41 +00:00
lib	bbconfigbuild/configfragments.py: print fragment descriptions when enabling them	2025-11-03 17:40:41 +00:00
recipes-bsp	barebox: upgrade 2025.08.0 -> 2025.09.0	2025-10-30 11:06:28 +00:00
recipes-connectivity	wpa-supplicant: patch CVE-2025-24912	2025-11-03 17:40:41 +00:00
recipes-core	readline: backport a patch to fix for caller setting rl_prompt to NULL	2025-11-06 09:45:17 +00:00
recipes-devtools	fmt: make ptest installation and execution more posix compliant	2025-10-30 11:06:28 +00:00
recipes-extended	tar: use diffutils for ptest instead of busybox	2025-10-30 11:06:28 +00:00
recipes-gnome	gtk+3: Update 3.24.43 -> 3.24.51	2025-10-27 11:37:43 +00:00
recipes-graphics	xwayland: fix CVE-2025-62229 CVE-2025-62230 CVE-2025-62231	2025-11-06 15:09:32 +00:00
recipes-kernel	linux-yocto/6.12: update CVE exclusions (6.12.55)	2025-11-03 17:40:41 +00:00
recipes-multimedia	x264: switch to PACKAGECONFIG	2025-10-13 18:01:04 +01:00
recipes-rt	rt-tests: upgrade 2.8 -> 2.9	2025-07-21 23:00:18 +01:00
recipes-sato	core-image-sato: Add x11 as required feature.	2025-11-03 17:40:41 +00:00
recipes-support	lz4: patch CVE-2025-62813	2025-10-30 11:06:28 +00:00
site
COPYING.MIT
recipes.txt