Univention Bugzilla – Bug 48176
libxcursor: Multiple issues (4.3)
Last modified: 2018-11-21 15:21:27 CET
New Debian libxcursor 1:1.1.14-1+deb9u2 fixes: This update addresses the following issue: * 1-byte heap-based overflow in _XcursorThemeInherits function in library.c (CVE-2015-9262)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/libxcursor_1.1.14-1+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-2/source/libxcursor_1.1.14-1+deb9u2.dsc @@ -1,3 +1,8 @@ +1:1.1.14-1+deb9u2 [Mon, 13 Aug 2018 09:09:13 +0200] Chris Lamb <lamby@debian.org>: + + * Fix a denial of service or potentially code execution via + a one-byte heap overflow. (CVE-2015-9262) (Closes: #906012) + 1:1.1.14-1+deb9u1 [Thu, 07 Dec 2017 17:07:35 +0100] Salvatore Bonaccorso <carnil@debian.org>: * Non-maintainer upload by the Security Team. <http://10.200.17.11/4.3-2/#5310405306106449551>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-2] e846af731b Bug #48176: libxcursor 1:1.1.14-1+deb9u2 doc/errata/staging/libxcursor.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<http://errata.software-univention.de/ucs/4.3/323.html>