Made public today was CVE-2023-43785 as an out-of-bounds memory access within the libX11 code that has been around since 1996. A second libX11 flaw is stack exhaustion from infinite recursion within the PutSubImage() function of libX11… This vulnerability has been around since X11R2 in February of 1988.

Due to these issues coming to light, libX11 1.8.7 and libXpm 3.5.17 were released today with the necessary security fixes. More details on these latest X.Org security vulnerabilities via today’s X.Org security advisory.

  • priapus
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    Still no VRR support which is likely a dealbreaker for many.

    • dinckel@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Like I’ve said, it’s not flawless. There are things missing, but in the larger scheme of things, it is both usable and stable. In my daily usage, I have not encountered any dealbreakers

      • priapus
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        1 year ago

        With AMD you can. GSync isn’t supported on Wayland.