Amazon Linux 2023 Security Advisory: ALAS2023-2023-414
Advisory Released Date: 2023-11-03
Advisory Updated Date: 2023-11-03
Severity:
Low
Issue Overview:
Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files. (CVE-2023-43361)
Affected Packages:
vorbis-tools
Issue Correction:
Run dnf update vorbis-tools --releasever 2023.2.20231030 to update your system.
New Packages:
aarch64:
vorbis-tools-debuginfo-1.4.2-2.amzn2023.0.3.aarch64
vorbis-tools-debugsource-1.4.2-2.amzn2023.0.3.aarch64
vorbis-tools-1.4.2-2.amzn2023.0.3.aarch64
src:
vorbis-tools-1.4.2-2.amzn2023.0.3.src
x86_64:
vorbis-tools-debuginfo-1.4.2-2.amzn2023.0.3.x86_64
vorbis-tools-debugsource-1.4.2-2.amzn2023.0.3.x86_64
vorbis-tools-1.4.2-2.amzn2023.0.3.x86_64