Amazon Linux 2022 Security Advisory: ALAS-2022-066
Advisory Release Date: 2022-05-18 13:33 Pacific
Advisory Updated Date: 2022-05-19 18:11 Pacific
Severity:
Medium
Issue Overview:
An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a local attacker without additional execution privileges to cause local information disclosure. (CVE-2021-0561)
Affected Packages:
flac
Issue Correction:
Run dnf update --releasever=2022.0.20220518 flac to update your system.
New Packages:
aarch64:
flac-libs-debuginfo-1.3.4-1.amzn2022.aarch64
flac-debuginfo-1.3.4-1.amzn2022.aarch64
flac-libs-1.3.4-1.amzn2022.aarch64
flac-1.3.4-1.amzn2022.aarch64
flac-devel-1.3.4-1.amzn2022.aarch64
flac-debugsource-1.3.4-1.amzn2022.aarch64
src:
flac-1.3.4-1.amzn2022.src
x86_64:
flac-libs-debuginfo-1.3.4-1.amzn2022.x86_64
flac-debuginfo-1.3.4-1.amzn2022.x86_64
flac-debugsource-1.3.4-1.amzn2022.x86_64
flac-libs-1.3.4-1.amzn2022.x86_64
flac-1.3.4-1.amzn2022.x86_64
flac-devel-1.3.4-1.amzn2022.x86_64