ALAS-2015-627

Amazon Linux 1 (EOL) Security Advisory: ALAS-2015-627
Advisory Released Date: 2015-12-14
Advisory Updated Date: 2015-12-14

Severity: Low

References: CVE-2015-8326
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A vulnerability in perl-IPTables-Parse was found, when using predictable file names for its temporary files. This vulnerability allows attacker on a multi-user system to set up symlinks to overwrite any file the current user has write access to.

Affected Packages:

perl-IPTables-Parse

Issue Correction:
Run yum update perl-IPTables-Parse or yum update --advisory ALAS-2015-627 to update your system.

New Packages:

noarch:
    perl-IPTables-Parse-1.5-2.3.amzn1.noarch

src:
    perl-IPTables-Parse-1.5-2.3.amzn1.src

Additional References

Red Hat: CVE-2015-8326

Mitre: CVE-2015-8326