CVE-2013-1056 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1056): X.org X server 1.13.3 and earlier, when not run as root, allows local users to cause a denial of service (crash) or possibly gain privileges via vectors involving cached xkb files.
No package in tree is affected by this, the oldest xorg-server ebuild in tree where suid is optional is 1.13.4-r1. Older versions always run as root.
Added to existing GLSA draft
This issue was resolved and addressed in GLSA 201405-07 at http://security.gentoo.org/glsa/glsa-201405-07.xml by GLSA coordinator Mikle Kolyada (Zlogene).