ALAS-2017-861


Amazon Linux 1 Security Advisory: ALAS-2017-861
Advisory Release Date: 2017-07-25 18:33 Pacific
Advisory Updated Date: 2017-08-04 03:33 Pacific
Severity: Important

Issue Overview:

A vulnerability was reported in the CloudFormation bootstrap tools that allows an attacker to execute arbitrary code as root if they have local access to the system and are able to create files in a specific directory (CVE-2017-9450 )


Affected Packages:

aws-cfn-bootstrap


Issue Correction:
Run yum update aws-cfn-bootstrap to update your system.

New Packages:
noarch:
    aws-cfn-bootstrap-1.4-19.10.amzn1.noarch

src:
    aws-cfn-bootstrap-1.4-19.10.amzn1.src