Amazon Linux AMI Security Advisory: ALAS-2023-1673
Advisory Release Date: 2023-01-19 20:10 Pacific
Advisory Updated Date: 2023-01-24 17:20 Pacific
Severity:
Critical
References:
CVE-2022-26635
Issue Overview:
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. (CVE-2022-26635)
Affected Packages:
php70-pecl-memcached
Issue Correction:
Run yum update php70-pecl-memcached to update your system.
New Packages:
i686:
php70-pecl-memcached-3.2.0-1.3.amzn1.i686
php70-pecl-memcached-debuginfo-3.2.0-1.3.amzn1.i686
src:
php70-pecl-memcached-3.2.0-1.3.amzn1.src
x86_64:
php70-pecl-memcached-3.2.0-1.3.amzn1.x86_64
php70-pecl-memcached-debuginfo-3.2.0-1.3.amzn1.x86_64