AWS Security Advisories — January 2015 — AWS Security Advisories

ALAS-2015-473

ALAS · AL1Critical2015-01-27

ALAS-2015-473: glibc (critical)

CVEs:CVE-2015-0235

Affected products

Product	Status	Vendor	Package	Ecosystem
glibc	affected	Amazon	glibc	—

Upstream advisory

ALAS-2015-472

ALAS · AL1Important2015-01-22

ALAS-2015-472: java-1.8.0-openjdk (important)

CVEs:CVE-2014-3566 CVE-2014-6549 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412 CVE-2015-0437

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.8.0-openjdk	affected	Amazon	java-1.8.0-openjdk	—

Upstream advisory

ALAS-2015-471

ALAS · AL1Critical2015-01-22

ALAS-2015-471: java-1.7.0-openjdk (critical)

CVEs:CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.7.0-openjdk	affected	Amazon	java-1.7.0-openjdk	—

Upstream advisory

ALAS-2015-470

ALAS · AL1Important2015-01-15

ALAS-2015-470: xorg-x11-server (important)

CVEs:CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103

Affected products

Product	Status	Vendor	Package	Ecosystem
xorg-x11-server	affected	Amazon	xorg-x11-server	—

Upstream advisory

ALAS-2015-469

ALAS · AL1Medium2015-01-11

ALAS-2015-469: openssl (medium)

CVEs:CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206

Affected products

Product	Status	Vendor	Package	Ecosystem
openssl	affected	Amazon	openssl	—

Upstream advisory

ALAS-2015-468

ALAS · AL1Medium2015-01-08

ALAS-2015-468: glibc (medium)

CVEs:CVE-2014-6040 CVE-2014-7817

Affected products

Product	Status	Vendor	Package	Ecosystem
glibc	affected	Amazon	glibc	—

Upstream advisory

ALAS-2015-467

ALAS · AL1Medium2015-01-08

ALAS-2015-467: mailx (medium)

CVEs:CVE-2004-2771 CVE-2014-7844

Affected products

Product	Status	Vendor	Package	Ecosystem
mailx	affected	Amazon	mailx	—

Upstream advisory

ALAS-2015-465

ALAS · AL1Important2015-01-08

ALAS-2015-465: bind (important)

CVEs:CVE-2014-8500

Affected products

Product	Status	Vendor	Package	Ecosystem
bind	affected	Amazon	bind	—

Upstream advisory

ALAS-2015-466

ALAS · AL1Important2015-01-08

ALAS-2015-466: jasper (important)

CVEs:CVE-2014-8137 CVE-2014-8138 CVE-2014-9029

Affected products

Product	Status	Vendor	Package	Ecosystem
jasper	affected	Amazon	jasper	—

Upstream advisory

ALAS-2015-463

ALAS · AL1Medium2015-01-08

ALAS-2015-463: php54 (medium)

CVEs:CVE-2014-8142

Affected products

Product	Status	Vendor	Package	Ecosystem
php54	affected	Amazon	php54	—

Upstream advisory

ALAS-2015-464

ALAS · AL1Medium2015-01-08

ALAS-2015-464: php55 (medium)

CVEs:CVE-2014-8142

Affected products

Product	Status	Vendor	Package	Ecosystem
php55	affected	Amazon	php55	—

Upstream advisory

Advisories

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Need live exploit intelligence?