Amazon Linux 2022 Security Advisory: ALAS-2022-163
Advisory Release Date: 2022-11-01 21:23 Pacific
Advisory Updated Date: 2022-11-03 21:03 Pacific
Severity:
Medium
Issue Overview:
An out-of-bounds write vulnerability was found in libFlak. The vulnerability occurs due to a missing bounds check. This flaw allows a local attacker without additional execution privileges to cause local information disclosure. (CVE-2021-0561)
Affected Packages:
flac
Issue Correction:
Run dnf update flac --releasever=2022.0.20221102 to update your system.
New Packages:
aarch64:
flac-libs-debuginfo-1.3.4-1.amzn2022.0.1.aarch64
flac-debugsource-1.3.4-1.amzn2022.0.1.aarch64
flac-debuginfo-1.3.4-1.amzn2022.0.1.aarch64
flac-1.3.4-1.amzn2022.0.1.aarch64
flac-libs-1.3.4-1.amzn2022.0.1.aarch64
flac-devel-1.3.4-1.amzn2022.0.1.aarch64
src:
flac-1.3.4-1.amzn2022.0.1.src
x86_64:
flac-libs-debuginfo-1.3.4-1.amzn2022.0.1.x86_64
flac-libs-1.3.4-1.amzn2022.0.1.x86_64
flac-debuginfo-1.3.4-1.amzn2022.0.1.x86_64
flac-1.3.4-1.amzn2022.0.1.x86_64
flac-debugsource-1.3.4-1.amzn2022.0.1.x86_64
flac-devel-1.3.4-1.amzn2022.0.1.x86_64