Bug 33101 - x11-server, x11-server-xwayland and tigervnc new security issue (introduced by the fix for CVE-2024-31083)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 9
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA9-32-OK MGA9-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2024-04-15 13:59 CEST by Nicolas Salguero
Modified: 2024-04-19 10:20 CEST

See Also:
Source RPM: x11-server, x11-server-xwayland, tigervnc
CVE:
Status comment:



Description Nicolas Salguero 2024-04-15 13:59:03 CEST
The problem was announced here:
https://www.openwall.com/lists/oss-security/2024/04/12/10

It is fixed in xorg-server 21.1.13 and xwayland 23.2.6 or with the commit provided in the link above.

Mageia 9 is also affected.

As usual, tigervnc will need a rebuild to include the fixes from the package x11-server-source, once xorg-server is patched (for Mageia 9) or updated (for Cauldron).
Comment 1 Nicolas Salguero 2024-04-15 14:41:14 CEST
Suggested advisory:
========================

The updated packages fix a security vulnerability:

The fix we provided for CVE-2024-31083 introduced a double-free in some circumstances, which led to X server crashes.

References:
https://www.openwall.com/lists/oss-security/2024/04/12/10
========================

Updated packages in core/updates_testing:
========================
x11-server-21.1.8-7.5.mga9
x11-server-common-21.1.8-7.5.mga9
x11-server-devel-21.1.8-7.5.mga9
x11-server-source-21.1.8-7.5.mga9
x11-server-xephyr-21.1.8-7.5.mga9
x11-server-xnest-21.1.8-7.5.mga9
x11-server-xorg-21.1.8-7.5.mga9
x11-server-xvfb-21.1.8-7.5.mga9

x11-server-xwayland-22.1.9-1.5.mga9
x11-server-xwayland-devel-22.1.9-1.5.mga9

tigervnc-1.13.1-2.5.mga9
tigervnc-java-1.13.1-2.5.mga9
tigervnc-server-1.13.1-2.5.mga9
tigervnc-server-module-1.13.1-2.5.mga9

from SRPMS:
x11-server-21.1.8-7.5.mga9.src.rpm
x11-server-xwayland-22.1.9-1.5.mga9.src.rpm
tigervnc-1.13.1-2.5.mga9.src.rpm

Status: NEW => ASSIGNED
Version: Cauldron => 9
Assignee: bugsquad => qa-bugs
Source RPM: (none) => x11-server, x11-server-xwayland, tigervnc

PC LX 2024-04-15 18:13:55 CEST

CC: (none) => mageia

katnatek 2024-04-16 01:03:28 CEST

Keywords: (none) => advisory

Comment 2 katnatek 2024-04-16 01:46:03 CEST
RH mageia 9 x86_64

LC_ALL=C urpmi --auto --auto-update 
medium "QA Testing (32-bit)" is up-to-date
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date


installing x11-server-xorg-21.1.8-7.5.mga9.x86_64.rpm x11-server-xwayland-22.1.9-1.5.mga9.x86_64.rpm x11-server-common-21.1.8-7.5.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/3: x11-server-common     ##################################################################################################
      2/3: x11-server-xorg       ##################################################################################################
      3/3: x11-server-xwayland   ##################################################################################################
      1/3: removing x11-server-xwayland-22.1.9-1.4.mga9.x86_64
                                 ##################################################################################################
      2/3: removing x11-server-xorg-21.1.8-7.4.mga9.x86_64
                                 ##################################################################################################
      3/3: removing x11-server-common-21.1.8-7.4.mga9.x86_64
                                 ##################################################################################################

Reboot
Testing Plasma X11 without issues
Comment 3 katnatek 2024-04-16 03:09:31 CEST
RH mageia 9 x86_64

Testing Plasma Wayland without issues
Comment 4 Len Lawrence 2024-04-16 20:24:29 CEST
Mageia9, x86_64
No update problems with qarepo and drakrpm-update.

NVIDIA GP102 [GeForce GTX 1080 Ti] driver: nvidia v: 470.239.06
x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:

Plasma, Mate and GNOME all run fine with x11 but login fails for Plasma and GNOME Wayland.  This has probably been noted before for older nvidia hardware.

Shall take a look at VNC later.

CC: (none) => tarazed25

Comment 5 Thomas Andrews 2024-04-18 02:36:56 CEST
MGA9-64 Plasma, i5-7500, Nvidia Quadro K620 Graphics (nvidia-current driver)

No installation issues. I don't know anything about tigerVNC, but the x11-server has been running here all afternoon with no ill effects noted.

CC: (none) => andrewsfarm

Comment 6 Len Lawrence 2024-04-18 13:46:20 CEST
Mageia9, x64
Intel Alder Lake-P Integrated Graphics driver: i915
x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:

Basic x11 server packages updated OK.
Logged in to Plasma desktop.  x11 working fine.
Tried Cinnamon - all OK.  VirtualBox running fine.
Back to Mate.  No issues so far.
Comment 7 PC LX 2024-04-18 14:03:40 CEST
Installed and tested without issues.

Tested:
- three days of testing on workstation, server and QEMU/KVM virtual machines;
- local session, using sddm session manager;
- vncserver for VNC remote session;
- VNC remote session through ssh tunnel;
- Plasma DE and LXQt DE in both local and VNC remote sessions;
- vncserver started with systemd socket activation;
- VNC clients: KRDC, vncviewer, VncViewer.jar;
- reconnecting to VNC remote session;
- terminating VNC remote session.
- video decoding with VAAPI;
- Intel iGPU, AMD iGPU, AMD GPU, virtio plus SPICE;
- OpenGL and Vulkan graphics using glmark2, 3D games, Steam games;
- QEMU/KVM guests integration: clipboard sharing, screen resizing to match viewer window.



System A: Mageia 9, x86_64, Plasma DE, LXQt DE, VNC server, Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz, Intel iGPU Xeon E3-1200 using i915 driver.
System B: Mageia 9, x86_64, Plasma DE, LXQt DE, VNC client, AMD Ryzen 5 5600G with Radeon Graphics using amdgpu driver.
System C: Mageia 9, x86_64, LXQt DE, QEMU/KVM guest hosted by system B, AMD Ryzen 5 5600G with Radeon Graphics, virtio plus SPICE.
System D: Mageia 9, x86_64, LXQt DE, QEMU/KVM guest hosted by system B, AMD Ryzen 5 5600G with Radeon Graphics, PCI pass through of AMD RX 6500 XT using amdgpu driver.
System E: Mageia 9, aarch64, WindowMaker DE, QEMU/KVM guest hosted by system B, Cortex-A76 emulation, virtio plus SPICE.



#### SYSTEM A AND VNC SERVER ####
$ uname -a
Linux marte 6.6.22-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sun Mar 17 18:04:51 UTC 2024 x86_64 GNU/Linux
$ lspcidrake | grep DISPLAY
Card:Intel 810 and later: Intel Corporation|Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller [DISPLAY_VGA] (rev: 06)
$ rpm -qa | grep -P 'x11-server|tigervnc' | sort
tigervnc-server-1.13.1-2.5.mga9
x11-server-common-21.1.8-7.5.mga9
x11-server-xorg-21.1.8-7.5.mga9
x11-server-xwayland-22.1.9-1.5.mga9
$ systemctl status vncserver@1.socket
vncserver@1.socket - VNS Server Socket
     Loaded: loaded (/usr/local/lib/systemd/system/vncserver@.socket; enabled; preset: disabled)
     Active: active (listening) since Thu 2024-04-18 11:18:43 WEST; 6min ago
   Triggers: ● vncserver@:1.service
     Listen: 127.0.0.1:5901 (Stream)
      Tasks: 0 (limit: 19042)
     Memory: 8.0K
        CPU: 268us
     CGroup: /system.slice/system-vncserver.slice/vncserver@1.socket




#### SYSTEM B AND VNC CLIENT ####
$ uname -a
Linux jupiter 6.6.22-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sun Mar 17 18:04:51 UTC 2024 x86_64 GNU/Linux
$ lspcidrake | grep DISPLAY | grep Vega
Card:ATI Volcanic Islands and later (amdgpu): Advanced Micro Devices, Inc. [AMD/ATI]|Cezanne [Radeon Vega Series / Radeon Vega Mobile Series] [DISPLAY_VGA] (rev: c9)
$ rpm -qa | grep -P 'x11-server|tigervnc' | sort
tigervnc-1.13.1-2.5.mga9
tigervnc-java-1.13.1-2.5.mga9
x11-server-common-21.1.8-7.5.mga9
x11-server-xorg-21.1.8-7.5.mga9
x11-server-xwayland-22.1.9-1.5.mga9
$ vncviewer localhost:5901

TigerVNC Viewer v1.13.1
Built on: 2024-04-15 12:38
Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
See https://www.tigervnc.org for information on TigerVNC.

Thu Apr 18 11:31:09 2024
 DecodeManager: Detected 12 CPU core(s)
 DecodeManager: Creating 4 decoder thread(s)
 CConn:       Conectado ao host localhost porta 5901
 CConn:       End of stream
 CConn:       The connection was dropped by the server before the session could
              be established.
 DecodeManager:   Total: 0 rects, 0 pixels
 DecodeManager:          0 B (1:-nan ratio)

Thu Apr 18 11:31:10 2024
 DecodeManager: Detected 12 CPU core(s)
 DecodeManager: Creating 4 decoder thread(s)
 CConn:       Conectado ao host localhost porta 5901
 CConnection: Server supports RFB protocol version 3.8
 CConnection: Using RFB protocol version 3.8
 CConnection: Choosing security type VeNCrypt(19)
 CVeNCrypt:   Choosing security type TLSVnc (258)

Thu Apr 18 11:31:13 2024
 DesktopWindow: Reducing window size to fit on current monitor
 CConn:       Usando formato de pixel depth 24 (32bpp) little-endian rgb888
 CConnection: Enabling continuous updates

Thu Apr 18 11:31:45 2024
 DecodeManager:     raw: 16 rects, 4,305 kpixels
 DecodeManager:          17,0039 KiB (1:1 ratio)
 DecodeManager:     copyRect: 1 rects, 1 pixels
 DecodeManager:               16 B (1:1 ratio)
 DecodeManager:     Tight: 2,249 krects, 46,6985 Mpixels
 DecodeManager:            11,804 MiB (1:15,0937 ratio)
 DecodeManager:   Total: 2,266 krects, 46,7028 Mpixels
 DecodeManager:          11,8206 MiB (1:15,0739 ratio)
$ java -jar /usr/share/java/VncViewer.jar

TigerVNC Java Viewer v1.13.1 (20240415)
Built on 2024-04-15 at 12:39:45
Copyright (C) 1999-2022 TigerVNC Team and many others (see README.rst)
See https://www.tigervnc.org for information on TigerVNC.
DecodeManager: Detected 12 CPU core(s)
DecodeManager: Creating 4 decoder thread(s)
CConn: connected to host localhost port 5901
CConnection: Server supports RFB protocol version 3.8
CConnection: Using RFB protocol version 3.8
CConn: Using pixel format depth 24 (32bpp) little-endian rgb888
CConnection: Enabling continuous updates



#### SYSTEM C ####
$ uname -a
Linux jupiter-vm-mageia-9 6.6.22-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sun Mar 17 18:04:51 UTC 2024 x86_64 GNU/Linux
$ lspcidrake | grep DISPLAY
Card:Virtio virtual video card: Red Hat, Inc.|Virtio 1.0 GPU [DISPLAY_VGA] (rev: 01)
$ rpm -qa | grep x11-server | sort
x11-server-common-21.1.8-7.5.mga9
x11-server-xorg-21.1.8-7.5.mga9
x11-server-xwayland-22.1.9-1.5.mga9



#### SYSTEM D ####
$ uname -a
Linux jupiter-vm-mageia-9-jogos 6.6.22-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sun Mar 17 18:04:51 UTC 2024 x86_64 GNU/Linux
$ lspcidrake | grep DISPLAY
Card:AMD Southern Islands and later (amdgpu): Advanced Micro Devices, Inc. [AMD/ATI]|Navi 24 [Radeon RX 6400/6500 XT/6500M] [DISPLAY_VGA] (rev: c1)
$ rpm -qa | grep x11-server | sort
x11-server-common-21.1.8-7.5.mga9
x11-server-xorg-21.1.8-7.5.mga9
x11-server-xwayland-22.1.9-1.5.mga9



#### SYSTEM E ####
$ uname -a
Linux jupiter-vm-mageia-9-aarch64 6.6.27-desktop-1.mga9 #1 SMP PREEMPT_DYNAMIC Sat Apr 13 13:31:56 UTC 2024 aarch64 GNU/Linux
$ lscpu | grep name 
Model name:                           Cortex-A76
BIOS Model name:                      virt-5.2  CPU @ 2.0GHz
$ lspcidrake | grep DISPLAY
Card:Virtio virtual video card: Red Hat, Inc.|Virtio 1.0 GPU [DISPLAY_OTHER] (rev: 01)
$ rpm -qa | grep x11-server | sort
x11-server-common-21.1.8-7.5.mga9
x11-server-xorg-21.1.8-7.5.mga9
x11-server-xwayland-22.1.9-1.5.mga9
Comment 8 Thomas Andrews 2024-04-18 14:34:36 CEST
MGA9-64 Plasma on an HP Pavilion 15, AMD A8-4555M APU, HD 7600G graphics.

No installation issues on the x11 packages. I have been using this for two hours this morning, mostly with Firefox and Thunderbird, with no ill effects noted.

Please be advised that I never saw any ill effects with the older packages on any of my computers, so of course I cannot confirm from personal experience that the issues are fixed.
Comment 9 Len Lawrence 2024-04-18 17:55:29 CEST
Mageia9, x64

Updated all packages OK.  Logged in to GNOME Classic on Wayland
Desktop running fine.

Device-1: AMD Lucienne driver: amdgpu
Display: wayland server: X.Org v: 22.1.9 with: Xwayland v: 22.1.9
    compositor: gnome-shell v: 44.2 driver: X: loaded: amdgpu,v4l dri: radeonsi
API: OpenGL v: 4.6 Mesa 23.3.6 renderer: AMD Radeon Graphics (radeonsi
    renoir LLVM 15.0.6 DRM 3.54 6.6.22-desktop-1.mga9)

Logged in to Plasma X11.
Display: x11 server: X.org v: 1.21.1.8 with: Xwayland v: 22.1.9 driver: X:
Virtualbox running OK and normal desktop operations.
glmark2 worked.

Logged out and spotted an entry for Kodi - no idea how that got there - tried it out of curiosity and Kodi came up.  Completely out of my depth in Kodi - struggled to find a way out - no logout or exit but found a shutdown timer and set it to the minimum 5 minutes and waited.  It worked in due course and shut down the PC completely.

Back to Mate, which is functioning normally under x11.
Comment 10 Thomas Andrews 2024-04-18 18:28:28 CEST
I spotted that Kodi login a while back, but never did try it. Apparently, the Kodi DM is installed as a part of Kodi. 

I just did try it on my Plasma system, and to leave, you maneuver through the menus to get to the screen with the three icons at the top of the left pane - Power, Settings, Search. Click on the Power icon, then exit on the menu that pops up to the right - as you would normally do to get back to the desktop - and it logs out.
Comment 11 Len Lawrence 2024-04-18 18:37:42 CEST
Many thanks, TJ.
Comment 12 katnatek 2024-04-18 20:15:20 CEST
RH mageia 9 i586

LC_ALL=C urpmi --auto --auto-update 
medium "QA Testing (32-bit)" is up-to-date
medium "BDK-Free-i586" is up-to-date
medium "BDK-Free-noarch" is up-to-date
medium "BDK-NonFree-i586" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date


installing x11-server-common-21.1.8-7.5.mga9.i586.rpm x11-server-xorg-21.1.8-7.5.mga9.i586.rpm x11-server-xwayland-22.1.9-1.5.mga9.i586.rpm from //home/katnatek/qa-testing/i586
Preparing...                     ################################################################
      1/3: x11-server-common     ################################################################
      2/3: x11-server-xorg       ################################################################
      3/3: x11-server-xwayland   ################################################################
      1/3: removing x11-server-xwayland-22.1.9-1.4.mga9.i586
                                 ################################################################
      2/3: removing x11-server-xorg-21.1.8-7.4.mga9.i586
                                 ################################################################
      3/3: removing x11-server-common-21.1.8-7.4.mga9.i586
                                 ################################################################

Reboot and start Plasma X11
No issues detected
Comment 13 Thomas Andrews 2024-04-18 20:24:46 CEST
Should be good enough. Validating.

Whiteboard: (none) => MGA9-32-OK MGA9-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 14 Mageia Robot 2024-04-19 03:17:22 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0137.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Comment 15 Morgan Leijström 2024-04-19 10:20:27 CEST
Running fine on five 64 bit systems here, most Plasma, one Xfce.
Normal desktop apps, suspending and hibernation.
No regressions noted.
All now also with kernel-desktop and mesa from testing, and one with nvidia from testing, reports will come in those bugs.

CC: (none) => fri

