ALAS-2023-1684

Related Vulnerabilities: CVE-2022-25147  



Amazon Linux AMI Security Advisory: ALAS-2023-1684
Advisory Release Date: 2023-02-13 20:36 Pacific
Advisory Updated Date: 2023-02-14 23:10 Pacific
Severity: Critical

Issue Overview:

Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions. (CVE-2022-25147)
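The bug class named in the overview, shown as an added illustration (not APR-util's source and not part of the advisory): a base64 output-length calculation done in a fixed-width integer wraps for very large inputs, so a buffer sized from the result is too small for the encoded data. The function names are hypothetical, and 32-bit unsigned arithmetic is used to model the wraparound with defined behaviour; the checked variant rejects lengths whose result cannot be represented.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names; illustrates the bug class, not APR-util's code. */

/* Unchecked: bytes needed to base64-encode `len` input bytes plus a NUL.
 * In 32-bit arithmetic both `len + 2` and the `* 4` can wrap around. */
static uint32_t encode_len_unchecked(uint32_t len)
{
    return (uint32_t)(((len + 2u) / 3u * 4u) + 1u);
}

/* Checked: same formula, but fails when the result is not representable,
 * so a caller never allocates from a wrapped value. */
static bool encode_len_checked(size_t len, size_t *out)
{
    const size_t max_groups = (SIZE_MAX - 1u) / 4u; /* groups*4+1 must fit */
    size_t groups;

    if (len > SIZE_MAX - 2u)        /* len + 2 would wrap */
        return false;
    groups = (len + 2u) / 3u;       /* number of 3-byte input groups */
    if (groups > max_groups)        /* groups * 4 + 1 would wrap */
        return false;
    *out = groups * 4u + 1u;
    return true;
}

int main(void)
{
    uint32_t small = 3u, huge = 0xC0000000u; /* constructed sample sizes */
    size_t need = 0;

    printf("unchecked(%u) = %u\n", (unsigned)small,
           (unsigned)encode_len_unchecked(small));
    printf("unchecked(%u) = %u (wrapped)\n", (unsigned)huge,
           (unsigned)encode_len_unchecked(huge));
    if (encode_len_checked(small, &need))
        printf("checked(%u) = %zu\n", (unsigned)small, need);
    if (!encode_len_checked(SIZE_MAX, &need))
        puts("checked(SIZE_MAX): rejected");
    return 0;
}
```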


Affected Packages:

apr-util


Issue Correction:
Run yum update apr-util to update your system.

New Packages:
i686:
    apr-util-devel-1.5.4-6.19.amzn1.i686
    apr-util-1.5.4-6.19.amzn1.i686
    apr-util-openssl-1.5.4-6.19.amzn1.i686
    apr-util-sqlite-1.5.4-6.19.amzn1.i686
    apr-util-freetds-1.5.4-6.19.amzn1.i686
    apr-util-ldap-1.5.4-6.19.amzn1.i686
    apr-util-mysql-1.5.4-6.19.amzn1.i686
    apr-util-pgsql-1.5.4-6.19.amzn1.i686
    apr-util-debuginfo-1.5.4-6.19.amzn1.i686
    apr-util-nss-1.5.4-6.19.amzn1.i686
    apr-util-odbc-1.5.4-6.19.amzn1.i686

src:
    apr-util-1.5.4-6.19.amzn1.src

x86_64:
    apr-util-mysql-1.5.4-6.19.amzn1.x86_64
    apr-util-pgsql-1.5.4-6.19.amzn1.x86_64
    apr-util-devel-1.5.4-6.19.amzn1.x86_64
    apr-util-odbc-1.5.4-6.19.amzn1.x86_64
    apr-util-1.5.4-6.19.amzn1.x86_64
    apr-util-ldap-1.5.4-6.19.amzn1.x86_64
    apr-util-openssl-1.5.4-6.19.amzn1.x86_64
    apr-util-sqlite-1.5.4-6.19.amzn1.x86_64
    apr-util-nss-1.5.4-6.19.amzn1.x86_64
    apr-util-freetds-1.5.4-6.19.amzn1.x86_64
    apr-util-debuginfo-1.5.4-6.19.amzn1.x86_64