Amazon Linux 1 Security Advisory: ALAS-2022-1637
Advisory Release Date: 2022-09-30 02:41 Pacific
Advisory Updated Date: 2022-10-10 20:40 Pacific
A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack. (CVE-2022-22728)
Affected Packages:
libapreq2
Issue Correction:
Run yum update libapreq2 to update your system.
i686:
libapreq2-2.13-38.3.amzn1.i686
libapreq2-libs-2.13-38.3.amzn1.i686
libapreq2-devel-2.13-38.3.amzn1.i686
perl-libapreq2-2.13-38.3.amzn1.i686
libapreq2-debuginfo-2.13-38.3.amzn1.i686
src:
libapreq2-2.13-38.3.amzn1.src
x86_64:
libapreq2-libs-2.13-38.3.amzn1.x86_64
perl-libapreq2-2.13-38.3.amzn1.x86_64
libapreq2-debuginfo-2.13-38.3.amzn1.x86_64
libapreq2-devel-2.13-38.3.amzn1.x86_64
libapreq2-2.13-38.3.amzn1.x86_64