ALAS2-2020-1508


Amazon Linux 2 Security Advisory: ALAS-2020-1508
Advisory Release Date: 2020-10-22 17:26 Pacific
Advisory Updated Date: 2020-10-22 22:38 Pacific
Severity: Low
References: CVE-2016-10245 

Issue Overview:

Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection. (CVE-2016-10245)


Affected Packages:

doxygen


Issue Correction:
Run yum update doxygen to update your system.

New Packages:
aarch64:
    doxygen-1.8.5-4.amzn2.aarch64
    doxygen-doxywizard-1.8.5-4.amzn2.aarch64
    doxygen-latex-1.8.5-4.amzn2.aarch64
    doxygen-debuginfo-1.8.5-4.amzn2.aarch64

i686:
    doxygen-1.8.5-4.amzn2.i686
    doxygen-doxywizard-1.8.5-4.amzn2.i686
    doxygen-latex-1.8.5-4.amzn2.i686
    doxygen-debuginfo-1.8.5-4.amzn2.i686

src:
    doxygen-1.8.5-4.amzn2.src

x86_64:
    doxygen-1.8.5-4.amzn2.x86_64
    doxygen-doxywizard-1.8.5-4.amzn2.x86_64
    doxygen-latex-1.8.5-4.amzn2.x86_64
    doxygen-debuginfo-1.8.5-4.amzn2.x86_64