Amazon Linux 1 Security Advisory: ALAS-2015-622
Advisory Release Date: 2015-12-14 10:00 Pacific
Advisory Updated Date: 2015-12-13 14:22 Pacific
It was discovered that the xfs_metadump tool of the xfsprogs suite did not fully adhere to the standards of obfuscation described in its man page. In case a user with the necessary privileges used xfs_metadump and relied on the advertised obfuscation, the generated data could contain unexpected traces of potentially sensitive information.
Affected Packages:
xfsprogs
Issue Correction:
Run yum update xfsprogs to update your system.
i686:
xfsprogs-3.2.2-2.20.amzn1.i686
xfsprogs-devel-3.2.2-2.20.amzn1.i686
xfsprogs-debuginfo-3.2.2-2.20.amzn1.i686
src:
xfsprogs-3.2.2-2.20.amzn1.src
x86_64:
xfsprogs-debuginfo-3.2.2-2.20.amzn1.x86_64
xfsprogs-3.2.2-2.20.amzn1.x86_64
xfsprogs-devel-3.2.2-2.20.amzn1.x86_64