Amazon Linux 2 Security Advisory: ALAS-2023-1941
Advisory Release Date: 2023-02-17 00:11 Pacific
Advisory Updated Date: 2023-02-22 01:54 Pacific
FAQs regarding Amazon Linux ALAS/CVE Severity
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. (CVE-2018-11577)
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. (CVE-2018-11684)
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. (CVE-2018-11685)
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. (CVE-2018-12085)
Affected Packages:
liblouis
Issue Correction:
pkg_manager = 'yum'Run update liblouis to update your system.
aarch64:
liblouis-2.6.2-21.amzn2.0.1.aarch64
liblouis-devel-2.6.2-21.amzn2.0.1.aarch64
liblouis-utils-2.6.2-21.amzn2.0.1.aarch64
liblouis-debuginfo-2.6.2-21.amzn2.0.1.aarch64
i686:
liblouis-2.6.2-21.amzn2.0.1.i686
liblouis-devel-2.6.2-21.amzn2.0.1.i686
liblouis-utils-2.6.2-21.amzn2.0.1.i686
liblouis-debuginfo-2.6.2-21.amzn2.0.1.i686
noarch:
python2-louis-2.6.2-21.amzn2.0.1.noarch
python3-louis-2.6.2-21.amzn2.0.1.noarch
liblouis-doc-2.6.2-21.amzn2.0.1.noarch
src:
liblouis-2.6.2-21.amzn2.0.1.src
x86_64:
liblouis-2.6.2-21.amzn2.0.1.x86_64
liblouis-devel-2.6.2-21.amzn2.0.1.x86_64
liblouis-utils-2.6.2-21.amzn2.0.1.x86_64
liblouis-debuginfo-2.6.2-21.amzn2.0.1.x86_64