The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully fix the vulnerability. Updated packages correcting this issue including the upstream merged commit are now available. For the oldstable distribution (bullseye), this problem has been fixed in version 2:1.20.11-1+deb11u10. For the stable distribution (bookworm), this problem has been fixed in version 2:21.1.7-3+deb12u4. We recommend that you upgrade your xorg-server packages. For the detailed security status of xorg-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xorg-server
The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully fix the vulnerability. Updated packages correcting this issue including the upstream merged commit are now available.
For the oldstable distribution (bullseye), this problem has been fixed in version 2:1.20.11-1+deb11u10.
For the stable distribution (bookworm), this problem has been fixed in version 2:21.1.7-3+deb12u4.
We recommend that you upgrade your xorg-server packages.
For the detailed security status of xorg-server please refer to its security tracker page at: https://security-tracker.debian.org/tracker/xorg-server