AWS Security Advisories — April 2015 — AWS Security Advisories

ALAS-2015-515

ALAS · AL1Important2015-04-23

ALAS-2015-515: java-1.6.0-openjdk (important)

CVEs:CVE-2005-1080 CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.6.0-openjdk	affected	Amazon	java-1.6.0-openjdk	—

Upstream advisory

ALAS-2015-516

ALAS · AL1Important2015-04-23

ALAS-2015-516: java-1.7.0-openjdk (important)

CVEs:CVE-2005-1080 CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.7.0-openjdk	affected	Amazon	java-1.7.0-openjdk	—

Upstream advisory

ALAS-2015-514

ALAS · AL1Medium2015-04-22

ALAS-2015-514: curl (medium)

CVEs:CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148

Affected products

Product	Status	Vendor	Package	Ecosystem
curl	affected	Amazon	curl	—

Upstream advisory

ALAS-2015-513

ALAS · AL1Medium2015-04-22

ALAS-2015-513: glibc (medium)

CVEs:CVE-2013-7423 CVE-2015-1781

Affected products

Product	Status	Vendor	Package	Ecosystem
glibc	affected	Amazon	glibc	—

Upstream advisory

ALAS-2015-512

ALAS · AL1Medium2015-04-17

ALAS-2015-512: python-botocore (medium)

CVEs:CVE-2015-2296

Affected products

Product	Status	Vendor	Package	Ecosystem
python-botocore	affected	Amazon	python-botocore	—

Upstream advisory

ALAS-2015-509

ALAS · AL1Important2015-04-17

ALAS-2015-509: php54 (important)

CVEs:CVE-2014-9709 CVE-2015-1352 CVE-2015-2301 CVE-2015-2783 CVE-2015-3329

Affected products

Product	Status	Vendor	Package	Ecosystem
php54	affected	Amazon	php54	—

Upstream advisory

ALAS-2015-510

ALAS · AL1Low2015-04-17

ALAS-2015-510: php55 (low)

CVEs:CVE-2015-1351 CVE-2015-1352 CVE-2015-3329

Affected products

Product	Status	Vendor	Package	Ecosystem
php55	affected	Amazon	php55	—

Upstream advisory

ALAS-2015-511

ALAS · AL1Low2015-04-17

ALAS-2015-511: php56 (low)

CVEs:CVE-2015-1351 CVE-2015-1352 CVE-2015-3329

Affected products

Product	Status	Vendor	Package	Ecosystem
php56	affected	Amazon	php56	—

Upstream advisory

ALAS-2015-508

ALAS · AL1Important2015-04-15

ALAS-2015-508: php56 (important)

CVEs:CVE-2015-0231 CVE-2015-2305 CVE-2015-2331

Affected products

Product	Status	Vendor	Package	Ecosystem
php56	affected	Amazon	php56	—

Upstream advisory

ALAS-2015-506

ALAS · AL1Important2015-04-15

ALAS-2015-506: php54 (important)

CVEs:CVE-2015-0231 CVE-2015-2305 CVE-2015-2331

Affected products

Product	Status	Vendor	Package	Ecosystem
php54	affected	Amazon	php54	—

Upstream advisory

ALAS-2015-507

ALAS · AL1Important2015-04-15

ALAS-2015-507: php55 (important)

CVEs:CVE-2015-0231 CVE-2015-2305 CVE-2015-2331

Affected products

Product	Status	Vendor	Package	Ecosystem
php55	affected	Amazon	php55	—

Upstream advisory

ALAS-2015-504

ALAS · AL1Medium2015-04-15

ALAS-2015-504: unzip (medium)

CVEs:CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 CVE-2014-9636

Affected products

Product	Status	Vendor	Package	Ecosystem
unzip	affected	Amazon	unzip	—

Upstream advisory

ALAS-2015-505

ALAS · AL1Important2015-04-15

ALAS-2015-505: flac (important)

CVEs:CVE-2014-8962 CVE-2014-9028

Affected products

Product	Status	Vendor	Package	Ecosystem
flac	affected	Amazon	flac	—

Upstream advisory

ALAS-2015-503

ALAS · AL1Medium2015-04-15

ALAS-2015-503: postgresql8 (medium)

CVEs:CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244

Affected products

Product	Status	Vendor	Package	Ecosystem
postgresql8	affected	Amazon	postgresql8	—

Upstream advisory

ALAS-2015-502

ALAS · AL1Important2015-04-01

ALAS-2015-502: freetype (important)

CVEs:CVE-2014-9657 CVE-2014-9658 CVE-2014-9660 CVE-2014-9661 CVE-2014-9663 CVE-2014-9664 CVE-2014-9667 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675

Affected products

Product	Status	Vendor	Package	Ecosystem
freetype	affected	Amazon	freetype	—

Upstream advisory

ALAS-2015-501

ALAS · AL1Important2015-04-01

ALAS-2015-501: 389-ds-base (important)

CVEs:CVE-2014-8105 CVE-2014-8112

Affected products

Product	Status	Vendor	Package	Ecosystem
389-ds-base	affected	Amazon	389-ds-base	—

Upstream advisory

ALAS-2015-499

ALAS · AL1Low2015-04-01

ALAS-2015-499: pigz (low)

CVEs:CVE-2015-1191

Affected products

Product	Status	Vendor	Package	Ecosystem
pigz	affected	Amazon	pigz	—

Upstream advisory

ALAS-2015-500

ALAS · AL1Low2015-04-01

ALAS-2015-500: gpgme (low)

CVEs:CVE-2014-3564

Affected products

Product	Status	Vendor	Package	Ecosystem
gpgme	affected	Amazon	gpgme	—

Upstream advisory

Advisories

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Need live exploit intelligence?