These are all security issues fixed in the libxkbcommon-devel-1.3.1-1.2 package on the GA media of openSUSE Tumbleweed.