ALAS-2019-1194

Amazon Linux 1 (EOL) Security Advisory: ALAS-2019-1194
Advisory Released Date: 2019-04-17
Advisory Updated Date: 2019-04-19

Severity: Important

References: CVE-2019-5953
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A buffer overflow vulnerability was found in GNU Wget. An attacker may be able to cause a denial-of-service (DoS) or may execute an arbitrary code. (CVE-2019-5953)

Affected Packages:

wget

Issue Correction:
Run yum update wget to update your system.

New Packages:

i686:
    wget-1.18-5.30.amzn1.i686
    wget-debuginfo-1.18-5.30.amzn1.i686

src:
    wget-1.18-5.30.amzn1.src

x86_64:
    wget-debuginfo-1.18-5.30.amzn1.x86_64
    wget-1.18-5.30.amzn1.x86_64

Additional References

Red Hat: CVE-2019-5953

Mitre: CVE-2019-5953