Amazon Linux 1 Security Advisory: ALAS-2015-512
Advisory Release Date: 2015-04-17 15:25 Pacific
Advisory Updated Date: 2015-04-17 15:26 Pacific
A flaw was found in the way python-requests set the domain cookie parameter for certain HTTP responses. A remote attacker could use this flaw to modify a cookie to be sent to an arbitrary URL.
Affected Packages:
python-botocore
Issue Correction:
Run yum update python-botocore to update your system.
noarch:
python26-botocore-0.103.0-1.7.amzn1.noarch
python27-botocore-0.103.0-1.7.amzn1.noarch
src:
python-botocore-0.103.0-1.7.amzn1.src