xorg.libXcursor: security 1.1.14 -> 1.1.15

Fix heap overflows when parsing malicious files. (CVE-2017-16612)

pkgs/servers/x11/xorg/default.nix

@@ -788,11 +788,11 @@ let
   }) // {inherit compositeproto libX11 libXfixes xproto ;};
 
   libXcursor = (mkDerivation "libXcursor" {
-    name = "libXcursor-1.1.14";
+    name = "libXcursor-1.1.15";
     builder = ./builder.sh;
     src = fetchurl {
-      url = mirror://xorg/individual/lib/libXcursor-1.1.14.tar.bz2;
-      sha256 = "1prkdicl5y5yx32h1azh6gjfbijvjp415javv8dsakd13jrarilv";
+      url = mirror://xorg/individual/lib/libXcursor-1.1.15.tar.bz2;
+      sha256 = "0syzlfvh29037p0vnlc8f3jxz8nl55k65blswsakklkwsc6nfki9";
     };
     nativeBuildInputs = [ pkgconfig ];
     buildInputs = [ fixesproto libX11 libXfixes xproto libXrender ];

pkgs/servers/x11/xorg/tarballs-7.7.list

@@ -63,7 +63,7 @@ mirror://xorg/individual/lib/libX11-1.6.5.tar.bz2
 mirror://xorg/individual/lib/libXau-1.0.8.tar.bz2
 mirror://xorg/individual/lib/libXaw-1.0.13.tar.bz2
 mirror://xorg/individual/lib/libXcomposite-0.4.4.tar.bz2
-mirror://xorg/individual/lib/libXcursor-1.1.14.tar.bz2
+mirror://xorg/individual/lib/libXcursor-1.1.15.tar.bz2
 mirror://xorg/individual/lib/libXdamage-1.1.4.tar.bz2
 mirror://xorg/individual/lib/libXdmcp-1.1.2.tar.bz2
 mirror://xorg/individual/lib/libXext-1.3.3.tar.bz2