https://ubuntu.com/security/notices/USN-7299-4
** Changed in: xorg-server (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to xorg-server in Ubuntu.
https://bugs.launchpad.net/bugs/2102209
Title:
xorg-server regression due CVE-2025-26601
Status in xorg-server package in Ubuntu:
Fix Released
Bug description:
== Summary ==
The security update 7299-2 for esm-infra/xenial and bionic has/had an
incomplete fix for the CVE-2025-26601.
patch: e0f872207aa203adb85e825c311ed50fe3a3af60 was needed as it changes the
behavior of some variables.
Backport done previously caused a regression.
Redoing the backports adding the commit mentioned fix the issue.
After further investigation only: xorg-server and xorg-server-hwe-16.04 were
affected.
xorg-server-hwe-18.04 was not affected and so the fixes for CVEs listed in
7299-2 were re-applied.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/2102209/+subscriptions
--
Mailing list: https://launchpad.net/~desktop-packages
Post to : desktop-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~desktop-packages
More help : https://help.launchpad.net/ListHelp
