ALAS-2017-847

Amazon Linux 1 (EOL) Security Advisory: ALAS-2017-847
Advisory Released Date: 2017-06-22
Advisory Updated Date: 2017-06-22

Severity: Medium

References: CVE-2017-8108
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. (CVE-2017-8108)

Affected Packages:

lynis

Issue Correction:
Run yum update lynis to update your system.

New Packages:

noarch:
    lynis-2.5.0-1.6.amzn1.noarch

src:
    lynis-2.5.0-1.6.amzn1.src

Additional References

Red Hat: CVE-2017-8108

Mitre: CVE-2017-8108