Amazon Linux 2022 Security Advisory: ALAS-2023-267
Advisory Release Date: 2023-01-20 16:44 Pacific
Advisory Updated Date: 2023-01-24 21:23 Pacific
Severity:
Medium
References:
CVE-2022-3715
Issue Overview:
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems. (CVE-2022-3715)
Affected Packages:
bash
Issue Correction:
Run dnf update bash to update your system.
New Packages:
aarch64:
bash-debuginfo-5.2.15-1.amzn2022.0.1.aarch64
bash-doc-5.2.15-1.amzn2022.0.1.aarch64
bash-devel-5.2.15-1.amzn2022.0.1.aarch64
bash-5.2.15-1.amzn2022.0.1.aarch64
bash-debugsource-5.2.15-1.amzn2022.0.1.aarch64
i686:
bash-debuginfo-5.2.15-1.amzn2022.0.1.i686
bash-doc-5.2.15-1.amzn2022.0.1.i686
bash-5.2.15-1.amzn2022.0.1.i686
bash-debugsource-5.2.15-1.amzn2022.0.1.i686
bash-devel-5.2.15-1.amzn2022.0.1.i686
src:
bash-5.2.15-1.amzn2022.0.1.src
x86_64:
bash-doc-5.2.15-1.amzn2022.0.1.x86_64
bash-devel-5.2.15-1.amzn2022.0.1.x86_64
bash-debuginfo-5.2.15-1.amzn2022.0.1.x86_64
bash-5.2.15-1.amzn2022.0.1.x86_64
bash-debugsource-5.2.15-1.amzn2022.0.1.x86_64