Security update for xorg-x11-server SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02012-1 Final 1 1 2025-06-18T15:36:17Z current 2025-06-18T15:36:17Z 2025-06-18T15:36:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xorg-x11-server This update for xorg-x11-server fixes the following issues: - CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) (bsc#1244082). - CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084). - CVE-2025-49178: Unprocessed client request via bytes to ignore (bsc#1244087). - CVE-2025-49179: Integer overflow in X Record extension (bsc#1244089). - CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) (bsc#1244090). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-2012,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2012,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2012 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502012-1/ Link for SUSE-SU-2025:02012-1 https://lists.suse.com/pipermail/sle-updates/2025-June/040365.html E-Mail link for SUSE-SU-2025:02012-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244082 SUSE Bug 1244082 https://bugzilla.suse.com/1244084 SUSE Bug 1244084 https://bugzilla.suse.com/1244087 SUSE Bug 1244087 https://bugzilla.suse.com/1244089 SUSE Bug 1244089 https://bugzilla.suse.com/1244090 SUSE Bug 1244090 https://www.suse.com/security/cve/CVE-2025-49175/ SUSE CVE CVE-2025-49175 page https://www.suse.com/security/cve/CVE-2025-49176/ SUSE CVE CVE-2025-49176 page https://www.suse.com/security/cve/CVE-2025-49178/ SUSE CVE CVE-2025-49178 page https://www.suse.com/security/cve/CVE-2025-49179/ SUSE CVE CVE-2025-49179 page https://www.suse.com/security/cve/CVE-2025-49180/ SUSE CVE CVE-2025-49180 page SUSE Linux Enterprise Server 12 SP5-LTSS SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xorg-x11-server-1.19.6-10.83.1 xorg-x11-server-extra-1.19.6-10.83.1 xorg-x11-server-sdk-1.19.6-10.83.1 xorg-x11-server-source-1.19.6-10.83.1 xorg-x11-server-1.19.6-10.83.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xorg-x11-server-extra-1.19.6-10.83.1 as a component of SUSE Linux Enterprise Server 12 SP5-LTSS xorg-x11-server-1.19.6-10.83.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 xorg-x11-server-extra-1.19.6-10.83.1 as a component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2025-49175 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-extra-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-extra-1.19.6-10.83.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502012-1/ https://www.suse.com/security/cve/CVE-2025-49175.html CVE-2025-49175 https://bugzilla.suse.com/1244082 SUSE Bug 1244082 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2025-49176 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-extra-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-extra-1.19.6-10.83.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502012-1/ https://www.suse.com/security/cve/CVE-2025-49176.html CVE-2025-49176 https://bugzilla.suse.com/1244084 SUSE Bug 1244084 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2025-49178 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-extra-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-extra-1.19.6-10.83.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502012-1/ https://www.suse.com/security/cve/CVE-2025-49178.html CVE-2025-49178 https://bugzilla.suse.com/1244087 SUSE Bug 1244087 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2025-49179 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-extra-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-extra-1.19.6-10.83.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502012-1/ https://www.suse.com/security/cve/CVE-2025-49179.html CVE-2025-49179 https://bugzilla.suse.com/1244089 SUSE Bug 1244089 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2025-49180 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server 12 SP5-LTSS:xorg-x11-server-extra-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-1.19.6-10.83.1 SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:xorg-x11-server-extra-1.19.6-10.83.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502012-1/ https://www.suse.com/security/cve/CVE-2025-49180.html CVE-2025-49180 https://bugzilla.suse.com/1244090 SUSE Bug 1244090