X.Org Server 1.20.11 update fixes vulnerability

X.Org Server 1.20.11 has been released to fix a vulnerability (CVE-2021-3472) that could allow privilege escalation on systems running the X server as root. The issue is caused by a bug in the XInput extension: when processing ChangeFeedbackControl requests with specially crafted input, the server modifies memory outside the bounds of a buffer. A similar issue has also been fixed in xwayland 21.1.1.

In addition to fixing the vulnerability in X.Org Server 1.20.11, work has also been done to clean up the XQuartz DDX component used to run X11 applications in the macOS environment. The new version removes the ability to build XQuartz for i386 systems and discontinues support for macOS 10.3 "Panther", 10.4 "Tiger", 10.5 "Leopard", 10.6 "Snow Leopard", 10.7 "Lion" and 10.8 "Mountain Lion".

Source: opennet.ru
