[SECURITY] [DLA-1469-1] libxcursor security update

2018-08-1815:46:00

lists.debian.org

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.2%

JSON

Package : libxcursor
Version : 1:1.1.14-1+deb8u2
CVE ID : CVE-2015-9262
Debian Bug : #906012

It was discovered that there was a denial of service or (potentially code
execution) vulnerability in libxcursor, a library designed to help locate
and load cursors for the X Window System.

For Debian 8 "Jessie", this issue has been fixed in libxcursor version
1:1.1.14-1+deb8u2.

We recommend that you upgrade your libxcursor packages.

Regards,

  ,&#x27;&#x27;`.
 : :&#x27;  :     Chris Lamb
 `. `&#x27;`      [email protected] / chris-lamb.co.uk
   `-

OSVersionArchitecturePackageVersionFilename
Debian9armhflibxcursor1-udeb< 1:1.1.14-1+deb9u2libxcursor1-udeb_1:1.1.14-1+deb9u2_armhf.deb
Debian9mips64ellibxcursor1-udeb< 1:1.1.14-1+deb9u2libxcursor1-udeb_1:1.1.14-1+deb9u2_mips64el.deb
Debian9ppc64ellibxcursor1< 1:1.1.14-1+deb9u2libxcursor1_1:1.1.14-1+deb9u2_ppc64el.deb
Debian9s390xlibxcursor-dev< 1:1.1.14-1+deb9u2libxcursor-dev_1:1.1.14-1+deb9u2_s390x.deb
Debian9ppc64ellibxcursor1-udeb< 1:1.1.14-1+deb9u2libxcursor1-udeb_1:1.1.14-1+deb9u2_ppc64el.deb
Debian8armhflibxcursor1< 1:1.1.14-1+deb8u2libxcursor1_1:1.1.14-1+deb8u2_armhf.deb
Debian9arm64libxcursor1-udeb< 1:1.1.14-1+deb9u2libxcursor1-udeb_1:1.1.14-1+deb9u2_arm64.deb
Debian9s390xlibxcursor1-dbg< 1:1.1.14-1+deb9u2libxcursor1-dbg_1:1.1.14-1+deb9u2_s390x.deb
Debian9armellibxcursor1< 1:1.1.14-1+deb9u2libxcursor1_1:1.1.14-1+deb9u2_armel.deb
Debian8amd64libxcursor1-udeb< 1:1.1.14-1+deb8u2libxcursor1-udeb_1:1.1.14-1+deb8u2_amd64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	9	armhf	libxcursor1-udeb	< 1:1.1.14-1+deb9u2	libxcursor1-udeb_1:1.1.14-1+deb9u2_armhf.deb
Debian	9	mips64el	libxcursor1-udeb	< 1:1.1.14-1+deb9u2	libxcursor1-udeb_1:1.1.14-1+deb9u2_mips64el.deb
Debian	9	ppc64el	libxcursor1	< 1:1.1.14-1+deb9u2	libxcursor1_1:1.1.14-1+deb9u2_ppc64el.deb
Debian	9	s390x	libxcursor-dev	< 1:1.1.14-1+deb9u2	libxcursor-dev_1:1.1.14-1+deb9u2_s390x.deb
Debian	9	ppc64el	libxcursor1-udeb	< 1:1.1.14-1+deb9u2	libxcursor1-udeb_1:1.1.14-1+deb9u2_ppc64el.deb
Debian	8	armhf	libxcursor1	< 1:1.1.14-1+deb8u2	libxcursor1_1:1.1.14-1+deb8u2_armhf.deb
Debian	9	arm64	libxcursor1-udeb	< 1:1.1.14-1+deb9u2	libxcursor1-udeb_1:1.1.14-1+deb9u2_arm64.deb
Debian	9	s390x	libxcursor1-dbg	< 1:1.1.14-1+deb9u2	libxcursor1-dbg_1:1.1.14-1+deb9u2_s390x.deb
Debian	9	armel	libxcursor1	< 1:1.1.14-1+deb9u2	libxcursor1_1:1.1.14-1+deb9u2_armel.deb
Debian	8	amd64	libxcursor1-udeb	< 1:1.1.14-1+deb8u2	libxcursor1-udeb_1:1.1.14-1+deb8u2_amd64.deb