Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which can lead to local privilege escalation.
The oldstable distribution (sarge) is not affected by this problem.
For the stable distribution (etch) this problem has been fixed in version 1.1.1-21etch1.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your xorg-server packages.