ALAS-2017-847


Amazon Linux 1 Security Advisory: ALAS-2017-847
Advisory Release Date: 2017-06-22 19:19 Pacific
Advisory Updated Date: 2017-06-22 23:00 Pacific
Severity: Medium

Issue Overview:

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. (CVE-2017-8108)


Affected Packages:

lynis


Issue Correction:
Run yum update lynis to update your system.

New Packages:
noarch:
    lynis-2.5.0-1.6.amzn1.noarch

src:
    lynis-2.5.0-1.6.amzn1.src