ALAS-2020-1387


Amazon Linux AMI Security Advisory: ALAS-2020-1387
Advisory Release Date: 2020-06-26 04:47 Pacific
Severity: Important
References: CVE-2020-10188 

Issue Overview:

utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. (CVE-2020-10188 )


Affected Packages:

telnet


Issue Correction:
Run yum update telnet to update your system.

New Packages:
i686:
    telnet-0.17-49.9.amzn1.i686
    telnet-server-0.17-49.9.amzn1.i686
    telnet-debuginfo-0.17-49.9.amzn1.i686

src:
    telnet-0.17-49.9.amzn1.src

x86_64:
    telnet-debuginfo-0.17-49.9.amzn1.x86_64
    telnet-server-0.17-49.9.amzn1.x86_64
    telnet-0.17-49.9.amzn1.x86_64