Amazon Linux 2 Security Advisory: ALAS-2020-1508
Advisory Release Date: 2020-10-22 17:26 Pacific
Advisory Updated Date: 2020-10-22 22:38 Pacific
Severity:
Low
Issue Overview:
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection. (CVE-2016-10245)
Affected Packages:
doxygen
Note:
This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update doxygen to update your system.
New Packages:
aarch64:
doxygen-1.8.5-4.amzn2.aarch64
doxygen-doxywizard-1.8.5-4.amzn2.aarch64
doxygen-latex-1.8.5-4.amzn2.aarch64
doxygen-debuginfo-1.8.5-4.amzn2.aarch64
i686:
doxygen-1.8.5-4.amzn2.i686
doxygen-doxywizard-1.8.5-4.amzn2.i686
doxygen-latex-1.8.5-4.amzn2.i686
doxygen-debuginfo-1.8.5-4.amzn2.i686
src:
doxygen-1.8.5-4.amzn2.src
x86_64:
doxygen-1.8.5-4.amzn2.x86_64
doxygen-doxywizard-1.8.5-4.amzn2.x86_64
doxygen-latex-1.8.5-4.amzn2.x86_64
doxygen-debuginfo-1.8.5-4.amzn2.x86_64