Amazon Linux AMI Security Advisory: ALAS-2023-1670
Advisory Release Date: 2023-01-19 20:10 Pacific
Advisory Updated Date: 2023-01-24 17:21 Pacific
Severity:
Critical
References:
CVE-2022-26635
Issue Overview:
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. (CVE-2022-26635)
Affected Packages:
php54-pecl-memcached
Issue Correction:
Run yum update php54-pecl-memcached to update your system.
New Packages:
i686:
php54-pecl-memcached-2.1.0-3.10.amzn1.i686
php54-pecl-memcached-debuginfo-2.1.0-3.10.amzn1.i686
src:
php54-pecl-memcached-2.1.0-3.10.amzn1.src
x86_64:
php54-pecl-memcached-debuginfo-2.1.0-3.10.amzn1.x86_64
php54-pecl-memcached-2.1.0-3.10.amzn1.x86_64