Amazon Linux AMI Security Advisory: ALAS-2013-261
Advisory Release Date: 2013-12-11 20:34 Pacific
Advisory Updated Date: 2014-09-16 22:10 Pacific
Severity:
Low
Issue Overview:
It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)
Affected Packages:
coreutils
Issue Correction:
Run yum update coreutils to update your system.
New Packages:
i686:
coreutils-libs-8.4-31.17.amzn1.i686
coreutils-8.4-31.17.amzn1.i686
coreutils-debuginfo-8.4-31.17.amzn1.i686
src:
coreutils-8.4-31.17.amzn1.src
x86_64:
coreutils-libs-8.4-31.17.amzn1.x86_64
coreutils-8.4-31.17.amzn1.x86_64
coreutils-debuginfo-8.4-31.17.amzn1.x86_64