Amazon Linux 2023 Security Advisory: ALAS-2023-333
Advisory Release Date: 2023-08-31 21:46 Pacific
Advisory Updated Date: 2023-09-07 21:18 Pacific
Severity:
Low
Issue Overview:
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. (CVE-2022-48554)
Affected Packages:
file
Issue Correction:
Run dnf update file --releasever 2023.1.20230906 to update your system.
New Packages:
aarch64:
file-libs-debuginfo-5.39-7.amzn2023.0.4.aarch64
file-devel-5.39-7.amzn2023.0.4.aarch64
file-static-5.39-7.amzn2023.0.4.aarch64
file-debuginfo-5.39-7.amzn2023.0.4.aarch64
file-debugsource-5.39-7.amzn2023.0.4.aarch64
file-libs-5.39-7.amzn2023.0.4.aarch64
file-5.39-7.amzn2023.0.4.aarch64
noarch:
python3-file-magic-5.39-7.amzn2023.0.4.noarch
src:
file-5.39-7.amzn2023.0.4.src
x86_64:
file-static-5.39-7.amzn2023.0.4.x86_64
file-devel-5.39-7.amzn2023.0.4.x86_64
file-libs-5.39-7.amzn2023.0.4.x86_64
file-debugsource-5.39-7.amzn2023.0.4.x86_64
file-libs-debuginfo-5.39-7.amzn2023.0.4.x86_64
file-debuginfo-5.39-7.amzn2023.0.4.x86_64
file-5.39-7.amzn2023.0.4.x86_64