Amazon Linux 1 Security Advisory: ALAS-2015-627
Advisory Release Date: 2015-12-14 10:00 Pacific
Advisory Updated Date: 2015-12-13 14:25 Pacific
A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to.
Affected Packages:
perl-IPTables-Parse
Issue Correction:
Run yum update perl-IPTables-Parse to update your system.
noarch:
perl-IPTables-Parse-1.5-2.3.amzn1.noarch
src:
perl-IPTables-Parse-1.5-2.3.amzn1.src