Amazon Linux 2 Security Advisory: ALASECS-2023-017
Advisory Release Date: 2023-10-31 00:17 Pacific
Advisory Updated Date: 2023-11-01 00:49 Pacific
Severity:
Low
References:
FAQs regarding Amazon Linux ALAS/CVE Severity
FAQs regarding Amazon Linux ALAS/CVE Severity
Issue Overview:
Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325.
Affected Packages:
containerd
Note:
This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update containerd to update your system.
New Packages:
aarch64:
containerd-1.6.19-1.amzn2.0.5.aarch64
containerd-stress-1.6.19-1.amzn2.0.5.aarch64
containerd-debuginfo-1.6.19-1.amzn2.0.5.aarch64
src:
containerd-1.6.19-1.amzn2.0.5.src
x86_64:
containerd-1.6.19-1.amzn2.0.5.x86_64
containerd-stress-1.6.19-1.amzn2.0.5.x86_64
containerd-debuginfo-1.6.19-1.amzn2.0.5.x86_64