Amazon Linux 1 Security Advisory: ALAS-2012-96
Advisory Release Date: 2012-07-05 16:13 Pacific
Advisory Updated Date: 2014-09-14 16:26 Pacific
A cross-site scripting (XSS) flaw was found in the "apc.php" script, which provides a detailed analysis of the internal workings of APC and is shipped as part of the APC extension documentation. A remote attacker could possibly use this flaw to conduct a cross-site scripting attack. (CVE-2010-3294)
Affected Packages:
php-pecl-apc
Issue Correction:
Run yum update php-pecl-apc to update your system.
i686:
php-pecl-apc-3.1.10-1.4.amzn1.i686
php-pecl-apc-debuginfo-3.1.10-1.4.amzn1.i686
php-pecl-apc-devel-3.1.10-1.4.amzn1.i686
src:
php-pecl-apc-3.1.10-1.4.amzn1.src
x86_64:
php-pecl-apc-devel-3.1.10-1.4.amzn1.x86_64
php-pecl-apc-debuginfo-3.1.10-1.4.amzn1.x86_64
php-pecl-apc-3.1.10-1.4.amzn1.x86_64