ALAS2-2019-1173


Amazon Linux 2 Security Advisory: ALAS-2019-1173
Advisory Release Date: 2019-03-08 00:45 Pacific
Severity: Low
References: CVE-2015-9262 

Issue Overview:

_XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow.(CVE-2015-9262 )


Affected Packages:

libXcursor


Issue Correction:
Run yum update libXcursor to update your system.

New Packages:
aarch64:
    libXcursor-1.1.15-1.amzn2.aarch64
    libXcursor-devel-1.1.15-1.amzn2.aarch64
    libXcursor-debuginfo-1.1.15-1.amzn2.aarch64

i686:
    libXcursor-1.1.15-1.amzn2.i686
    libXcursor-devel-1.1.15-1.amzn2.i686
    libXcursor-debuginfo-1.1.15-1.amzn2.i686

src:
    libXcursor-1.1.15-1.amzn2.src

x86_64:
    libXcursor-1.1.15-1.amzn2.x86_64
    libXcursor-devel-1.1.15-1.amzn2.x86_64
    libXcursor-debuginfo-1.1.15-1.amzn2.x86_64