[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade xorg-x11-server-Xwayland to 24.1.6 to fix CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601[High] - branch 3.0-dev (#12876)

CBL-Mariner-Bot · web-flow · commit bb6d437a7346 · 2025-03-10T19:02:35.000-04:00
diff --git a/SPECS/xorg-x11-server-Xwayland/CVE-2024-9632.patch b/SPECS/xorg-x11-server-Xwayland/CVE-2024-9632.patch
diff --git a/SPECS/xorg-x11-server-Xwayland/xorg-x11-server-Xwayland.signatures.json b/SPECS/xorg-x11-server-Xwayland/xorg-x11-server-Xwayland.signatures.json
@@ -1,5 +1,5 @@
 {
- "Signatures": {
-  "xwayland-24.1.1.tar.xz": "7125bee0b10335805d7f5ba57dfaa359a7850af1a68524f1d97b362741a51832"
- }
-}
+  "Signatures": {
+    "xwayland-24.1.6.tar.xz": "737e612ca36bbdf415a911644eb7592cf9389846847b47fa46dc705bd754d2d7"
+  }
+}
diff --git a/SPECS/xorg-x11-server-Xwayland/xorg-x11-server-Xwayland.spec b/SPECS/xorg-x11-server-Xwayland/xorg-x11-server-Xwayland.spec
@@ -10,8 +10,8 @@ Vendor:        Microsoft Corporation
 Distribution:  Azure Linux
 Summary:       Xwayland
 Name:          xorg-x11-server-Xwayland
-Version:       24.1.1
-Release:       3%{?dist}
+Version:       24.1.6
+Release:       1%{?dist}
  
 License:       MIT
 URL:           http://www.x.org
@@ -20,7 +20,6 @@ Source0:       https://gitlab.freedesktop.org/xorg/%{pkgname}/-/archive/%{commit
 %else
 Source0:       https://www.x.org/pub/individual/xserver/%{pkgname}-%{version}.tar.xz
 %endif
-Patch0001:      CVE-2024-9632.patch
  
 Requires:      xkeyboard-config
 Requires:      xkbcomp
@@ -138,6 +137,10 @@ desktop-file-validate %{buildroot}%{_datadir}/applications/*.desktop
 %{_libdir}/pkgconfig/xwayland.pc
  
 %changelog
+* Tue Mar 04 2025 CBL-Mariner Servicing Account <cblmargh@microsoft.com> - 24.1.6-1
+- Auto-upgrade to 24.1.6 - to fix CVE-2025-26594, CVE-2025-26595, CVE-2025-26596, CVE-2025-26597, CVE-2025-26598, CVE-2025-26599, CVE-2025-26600, CVE-2025-26601[High]
+- Remove older applied patch for CVE-2024-9632
+
 * Thu Nov 14 2024 Suresh Babu Chalamalasetty <schalam@microsoft.com> - 24.1.1-3
 - Fix for CVE-2024-9632
 - Added systemd-devel build requires dependency
diff --git a/cgmanifest.json b/cgmanifest.json
@@ -30728,8 +30728,8 @@
         "type": "other",
         "other": {
           "name": "xorg-x11-server-Xwayland",
-          "version": "24.1.1",
-          "downloadUrl": "https://www.x.org/pub/individual/xserver/xwayland-24.1.1.tar.xz"
+          "version": "24.1.6",
+          "downloadUrl": "https://www.x.org/pub/individual/xserver/xwayland-24.1.6.tar.xz"
         }
       }
     },

Original file line number	Diff line number	Diff line change
`@@ -30728,8 +30728,8 @@`
`30728`	`30728`	`"type": "other",`
`30729`	`30729`	`"other": {`
`30730`	`30730`	`"name": "xorg-x11-server-Xwayland",`
`30731`		`- "version": "24.1.1",`
`30732`		`- "downloadUrl": "https://www.x.org/pub/individual/xserver/xwayland-24.1.1.tar.xz"`
	`30731`	`+ "version": "24.1.6",`
	`30732`	`+ "downloadUrl": "https://www.x.org/pub/individual/xserver/xwayland-24.1.6.tar.xz"`
`30733`	`30733`	`}`
`30734`	`30734`	`}`
`30735`	`30735`	`},`