AWS Security Advisories — July 2015 — AWS Security Advisories

ALAS-2015-574

ALAS · AL1Low2015-07-28

ALAS-2015-574: gnupg2 (low)

CVEs:CVE-2015-1606

Affected products

Product	Status	Vendor	Package	Ecosystem
gnupg2	affected	Amazon	gnupg2	—

Upstream advisory

ALAS-2015-573

ALAS · AL1Critical2015-07-28

ALAS-2015-573: bind (critical)

CVEs:CVE-2015-5477

Affected products

Product	Status	Vendor	Package	Ecosystem
bind	affected	Amazon	bind	—

Upstream advisory

ALAS-2015-572

ALAS · AL1Important2015-07-23

ALAS-2015-572: usermode, libuser (important)

CVEs:CVE-2015-3245 CVE-2015-3246

Affected products

Product	Status	Vendor	Package	Ecosystem
usermode, libuser	affected	Amazon	usermode, libuser	—

Upstream advisory

ALAS-2015-565

ALAS · AL1Medium2015-07-22

ALAS-2015-565: kernel (medium)

CVEs:CVE-2015-1805 CVE-2015-3212 CVE-2015-5364 CVE-2015-5366

Affected products

Product	Status	Vendor	Package	Ecosystem
kernel	affected	Amazon	kernel	—

Upstream advisory

ALAS-2015-566

ALAS · AL1Important2015-07-22

ALAS-2015-566: bind (important)

CVEs:CVE-2015-4620

Affected products

Product	Status	Vendor	Package	Ecosystem
bind	affected	Amazon	bind	—

Upstream advisory

ALAS-2015-567

ALAS · AL1Medium2015-07-22

ALAS-2015-567: 389-ds-base (medium)

CVEs:CVE-2015-3230

Affected products

Product	Status	Vendor	Package	Ecosystem
389-ds-base	affected	Amazon	389-ds-base	—

Upstream advisory

ALAS-2015-568

ALAS · AL1Medium2015-07-22

ALAS-2015-568: openssh (medium)

CVEs:CVE-2015-5352

Affected products

Product	Status	Vendor	Package	Ecosystem
openssh	affected	Amazon	openssh	—

Upstream advisory

ALAS-2015-569

ALAS · AL1Medium2015-07-22

ALAS-2015-569: nss, nss-util (medium)

CVEs:CVE-2015-4000

Affected products

Product	Status	Vendor	Package	Ecosystem
nss, nss-util	affected	Amazon	nss, nss-util	—

Upstream advisory

ALAS-2015-570

ALAS · AL1ExploitedCritical2015-07-22

ALAS-2015-570: java-1.7.0-openjdk (critical)

CVEs:CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.7.0-openjdk	affected	Amazon	java-1.7.0-openjdk	—

Upstream advisory

ALAS-2015-571

ALAS · AL1ExploitedImportant2015-07-22

ALAS-2015-571: java-1.8.0-openjdk (important)

CVEs:CVE-2015-0383 CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2659 CVE-2015-2808 CVE-2015-3149 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.8.0-openjdk	affected	Amazon	java-1.8.0-openjdk	—

Upstream advisory

ALAS-2015-564

ALAS · AL1Critical2015-07-09

ALAS-2015-564: openssl (critical)

CVEs:CVE-2015-1793

Affected products

Product	Status	Vendor	Package	Ecosystem
openssl	affected	Amazon	openssl	—

Upstream advisory

ALAS-2015-562

ALAS · AL1Medium2015-07-07

ALAS-2015-562: php55 (medium)

CVEs:CVE-2014-3416 CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644

Affected products

Product	Status	Vendor	Package	Ecosystem
php55	affected	Amazon	php55	—

Upstream advisory

ALAS-2015-563

ALAS · AL1Medium2015-07-07

ALAS-2015-563: php56 (medium)

CVEs:CVE-2014-3416 CVE-2015-2325 CVE-2015-2326 CVE-2015-3414 CVE-2015-3415 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644

Affected products

Product	Status	Vendor	Package	Ecosystem
php56	affected	Amazon	php56	—

Upstream advisory

ALAS-2015-561

ALAS · AL1Medium2015-07-07

ALAS-2015-561: php54 (medium)

CVEs:CVE-2014-3416 CVE-2015-3414 CVE-2015-3415 CVE-2015-4642 CVE-2015-4643 CVE-2015-4644

Affected products

Product	Status	Vendor	Package	Ecosystem
php54	affected	Amazon	php54	—

Upstream advisory

ALAS-2015-560

ALAS · AL1Medium2015-07-07

ALAS-2015-560: php-ZendFramework (medium)

CVEs:CVE-2015-3154

Affected products

Product	Status	Vendor	Package	Ecosystem
php-ZendFramework	affected	Amazon	php-ZendFramework	—

Upstream advisory

ALAS-2015-559

ALAS · AL1Medium2015-07-07

ALAS-2015-559: cups (medium)

CVEs:CVE-2014-9679 CVE-2015-1158 CVE-2015-1159

Affected products

Product	Status	Vendor	Package	Ecosystem
cups	affected	Amazon	cups	—

Upstream advisory

ALAS-2015-558

ALAS · AL1Medium2015-07-07

ALAS-2015-558: fuse (medium)

CVEs:CVE-2015-3202

Affected products

Product	Status	Vendor	Package	Ecosystem
fuse	affected	Amazon	fuse	—

Upstream advisory

ALAS-2015-557

ALAS · AL1Medium2015-07-07

ALAS-2015-557: tcpdump (medium)

CVEs:CVE-2015-0261 CVE-2015-2154

Affected products

Product	Status	Vendor	Package	Ecosystem
tcpdump	affected	Amazon	tcpdump	—

Upstream advisory

ALAS-2015-556

ALAS · AL1Medium2015-07-07

ALAS-2015-556: postgresql8 (medium)

CVEs:CVE-2015-3165 CVE-2015-3166 CVE-2015-3167

Affected products

Product	Status	Vendor	Package	Ecosystem
postgresql8	affected	Amazon	postgresql8	—

Upstream advisory

Advisories

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Need live exploit intelligence?