Amazon Linux 1 Security Advisory: ALAS-2019-1236
Advisory Release Date: 2019-07-17 23:24 Pacific
Advisory Updated Date: 2019-07-25 18:36 Pacific
In the urllib3 library for Python, CRLF injection is possible if the attacker controls the request parameter. (CVE-2019-11236)
Affected Packages:
python-urllib3
Issue Correction:
Run yum update python-urllib3 to update your system.
noarch:
python27-urllib3-1.24.3-1.8.amzn1.noarch
src:
python-urllib3-1.24.3-1.8.amzn1.src