ALAS-2015-612


Amazon Linux AMI Security Advisory: ALAS-2015-612
Advisory Release Date: 2015-11-23 22:51 Pacific
Severity: Important
References: CVE-2015-6816 

Issue Overview:

Ganglia-web auth can be bypassed using boolean serialization (CVE-2015-6816 ).


Affected Packages:

ganglia


Issue Correction:
Run yum update ganglia to update your system.

New Packages:
i686:
    ganglia-gmetad-3.7.2-2.19.amzn1.i686
    ganglia-gmond-3.7.2-2.19.amzn1.i686
    ganglia-devel-3.7.2-2.19.amzn1.i686
    ganglia-gmond-python-3.7.2-2.19.amzn1.i686
    ganglia-web-3.7.1-2.19.amzn1.i686
    ganglia-3.7.2-2.19.amzn1.i686
    ganglia-debuginfo-3.7.2-2.19.amzn1.i686

src:
    ganglia-3.7.2-2.19.amzn1.src

x86_64:
    ganglia-web-3.7.1-2.19.amzn1.x86_64
    ganglia-devel-3.7.2-2.19.amzn1.x86_64
    ganglia-gmond-python-3.7.2-2.19.amzn1.x86_64
    ganglia-3.7.2-2.19.amzn1.x86_64
    ganglia-debuginfo-3.7.2-2.19.amzn1.x86_64
    ganglia-gmetad-3.7.2-2.19.amzn1.x86_64
    ganglia-gmond-3.7.2-2.19.amzn1.x86_64