ALAS-2019-1150


Amazon Linux AMI Security Advisory: ALAS-2019-1150
Advisory Release Date: 2019-02-08 06:23 Pacific
Severity: Low
References: CVE-2015-9262 

Issue Overview:

_XcursorThemeInherits in library.c in libXcursor allows remote attackers to cause denial of service or potentially code execution via a one-byte heap overflow. (CVE-2015-9262 )


Affected Packages:

libXcursor


Issue Correction:
Run yum update libXcursor to update your system.

New Packages:
i686:
    libXcursor-devel-1.1.14-2.1.10.amzn1.i686
    libXcursor-1.1.14-2.1.10.amzn1.i686
    libXcursor-debuginfo-1.1.14-2.1.10.amzn1.i686

src:
    libXcursor-1.1.14-2.1.10.amzn1.src

x86_64:
    libXcursor-debuginfo-1.1.14-2.1.10.amzn1.x86_64
    libXcursor-devel-1.1.14-2.1.10.amzn1.x86_64
    libXcursor-1.1.14-2.1.10.amzn1.x86_64