Amazon Linux 1 Security Advisory: ALAS-2017-928
Advisory Release Date: 2017-12-05 21:57 Pacific
Advisory Updated Date: 2017-12-06 21:33 Pacific
An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.(CVE-2017-12613)
Affected Packages:
apr
Issue Correction:
Run yum update apr to update your system.
i686:
apr-devel-1.5.2-5.13.amzn1.i686
apr-1.5.2-5.13.amzn1.i686
apr-debuginfo-1.5.2-5.13.amzn1.i686
src:
apr-1.5.2-5.13.amzn1.src
x86_64:
apr-devel-1.5.2-5.13.amzn1.x86_64
apr-debuginfo-1.5.2-5.13.amzn1.x86_64
apr-1.5.2-5.13.amzn1.x86_64