ALAS-2015-512


Amazon Linux AMI Security Advisory: ALAS-2015-512
Advisory Release Date: 2015-04-17 15:26 Pacific
Severity: Medium
References: CVE-2015-2296 

Issue Overview:

A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL.


Affected Packages:

python-botocore


Issue Correction:
Run yum update python-botocore to update your system.

New Packages:
noarch:
    python26-botocore-0.103.0-1.7.amzn1.noarch
    python27-botocore-0.103.0-1.7.amzn1.noarch

src:
    python-botocore-0.103.0-1.7.amzn1.src