Amazon Linux 2023 Security Advisory: ALAS-2024-556
Advisory Release Date: 2024-02-29 10:29 Pacific
Advisory Updated Date: 2024-03-05 12:00 Pacific
Severity:
Important
Issue Overview:
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service. (CVE-2022-48623)
Affected Packages:
perl-Cpanel-JSON-XS
Issue Correction:
Run dnf update perl-Cpanel-JSON-XS --releasever 2023.3.20240304 to update your system.
New Packages:
aarch64:
perl-Cpanel-JSON-XS-debugsource-4.25-2.amzn2023.0.6.aarch64
perl-Cpanel-JSON-XS-debuginfo-4.25-2.amzn2023.0.6.aarch64
perl-Cpanel-JSON-XS-4.25-2.amzn2023.0.6.aarch64
src:
perl-Cpanel-JSON-XS-4.25-2.amzn2023.0.6.src
x86_64:
perl-Cpanel-JSON-XS-debugsource-4.25-2.amzn2023.0.6.x86_64
perl-Cpanel-JSON-XS-debuginfo-4.25-2.amzn2023.0.6.x86_64
perl-Cpanel-JSON-XS-4.25-2.amzn2023.0.6.x86_64