Amazon Linux 2023 Security Advisory: ALAS-2023-082
Advisory Release Date: 2023-02-17 20:47 Pacific
Advisory Updated Date: 2023-02-22 23:30 Pacific
Severity:
Important
Issue Overview:
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2. (CVE-2022-3179)
Bottle before 0.12.20 mishandles errors during early request binding. (CVE-2022-31799)
Affected Packages:
python-bottle
Issue Correction:
Run dnf update python-bottle --releasever=2023.0.20230222 to update your system.
New Packages:
noarch:
python3-bottle-0.12.21-2.amzn2023.0.1.noarch
src:
python-bottle-0.12.21-2.amzn2023.0.1.src