Amazon Linux 1 Security Advisory: ALAS-2015-612
Advisory Release Date: 2015-11-23 13:44 Pacific
Advisory Updated Date: 2015-11-23 22:51 Pacific
Ganglia-web auth can be bypassed using boolean serialization (CVE-2015-6816).
Affected Packages:
ganglia
Issue Correction:
Run yum update ganglia to update your system.
i686:
ganglia-gmetad-3.7.2-2.19.amzn1.i686
ganglia-gmond-3.7.2-2.19.amzn1.i686
ganglia-devel-3.7.2-2.19.amzn1.i686
ganglia-gmond-python-3.7.2-2.19.amzn1.i686
ganglia-web-3.7.1-2.19.amzn1.i686
ganglia-3.7.2-2.19.amzn1.i686
ganglia-debuginfo-3.7.2-2.19.amzn1.i686
src:
ganglia-3.7.2-2.19.amzn1.src
x86_64:
ganglia-web-3.7.1-2.19.amzn1.x86_64
ganglia-devel-3.7.2-2.19.amzn1.x86_64
ganglia-gmond-python-3.7.2-2.19.amzn1.x86_64
ganglia-3.7.2-2.19.amzn1.x86_64
ganglia-debuginfo-3.7.2-2.19.amzn1.x86_64
ganglia-gmetad-3.7.2-2.19.amzn1.x86_64
ganglia-gmond-3.7.2-2.19.amzn1.x86_64