ALAS-2023-1674


Amazon Linux 1 Security Advisory: ALAS-2023-1674
Advisory Release Date: 2023-01-19 20:10 Pacific
Advisory Updated Date: 2023-01-24 17:20 Pacific
Severity: Critical

Issue Overview:

PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CLRF injection. (CVE-2022-26635)


Affected Packages:

php71-pecl-memcached


Issue Correction:
Run yum update php71-pecl-memcached to update your system.

New Packages:
i686:
    php71-pecl-memcached-debuginfo-3.2.0-1.4.amzn1.i686
    php71-pecl-memcached-3.2.0-1.4.amzn1.i686

src:
    php71-pecl-memcached-3.2.0-1.4.amzn1.src

x86_64:
    php71-pecl-memcached-3.2.0-1.4.amzn1.x86_64
    php71-pecl-memcached-debuginfo-3.2.0-1.4.amzn1.x86_64