ALAS-2014-405


Amazon Linux AMI Security Advisory: ALAS-2014-405
Advisory Release Date: 2014-09-19 12:04 Pacific
Severity: Medium
References: CVE-2013-2064 

Issue Overview:

Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function.


Affected Packages:

libxcb


Issue Correction:
Run yum update libxcb to update your system.

New Packages:
i686:
    libxcb-debuginfo-1.8.1-1.15.amzn1.i686
    libxcb-devel-1.8.1-1.15.amzn1.i686
    libxcb-python-1.8.1-1.15.amzn1.i686
    libxcb-1.8.1-1.15.amzn1.i686

noarch:
    libxcb-doc-1.8.1-1.15.amzn1.noarch

src:
    libxcb-1.8.1-1.15.amzn1.src

x86_64:
    libxcb-1.8.1-1.15.amzn1.x86_64
    libxcb-devel-1.8.1-1.15.amzn1.x86_64
    libxcb-debuginfo-1.8.1-1.15.amzn1.x86_64
    libxcb-python-1.8.1-1.15.amzn1.x86_64