AWS Security Advisories — February 2017 — AWS Security Advisories

ALAS-2017-800

ALAS · AL1Important2017-02-22

ALAS-2017-800: mysql51 (important)

CVEs:CVE-2016-5616 CVE-2016-6662 CVE-2016-6663

Affected products

Product	Status	Vendor	Package	Ecosystem
mysql51	affected	Amazon	mysql51	—

Upstream advisory

ALAS-2017-796

ALAS · AL1Medium2017-02-14

ALAS-2017-796: tomcat7, tomcat8 (medium)

CVEs:CVE-2016-8745

Affected products

Product	Status	Vendor	Package	Ecosystem
tomcat7, tomcat8	affected	Amazon	tomcat7, tomcat8	—

Upstream advisory

ALAS-2017-797

ALAS · AL1Critical2017-02-14

ALAS-2017-797: java-1.7.0-openjdk (critical)

CVEs:CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.7.0-openjdk	affected	Amazon	java-1.7.0-openjdk	—

Upstream advisory

ALAS-2017-798

ALAS · AL1Important2017-02-14

ALAS-2017-798: bind (important)

CVEs:CVE-2016-9147

Affected products

Product	Status	Vendor	Package	Ecosystem
bind	affected	Amazon	bind	—

Upstream advisory

ALAS-2017-799

ALAS · AL1Medium2017-02-14

ALAS-2017-799: openldap (medium)

CVEs:CVE-2015-3276

Affected products

Product	Status	Vendor	Package	Ecosystem
openldap	affected	Amazon	openldap	—

Upstream advisory

ALAS-2017-792

ALAS · AL1Low2017-02-06

ALAS-2017-792: glibc (low)

CVEs:CVE-2016-3075

Affected products

Product	Status	Vendor	Package	Ecosystem
glibc	affected	Amazon	glibc	—

Upstream advisory

ALAS-2017-793

ALAS · AL1Low2017-02-06

ALAS-2017-793: krb5 (low)

CVEs:CVE-2016-3119 CVE-2016-3120

Affected products

Product	Status	Vendor	Package	Ecosystem
krb5	affected	Amazon	krb5	—

Upstream advisory

ALAS-2017-794

ALAS · AL1Medium2017-02-06

ALAS-2017-794: subversion, mod_dav_svn (medium)

CVEs:CVE-2016-8734

Affected products

Product	Status	Vendor	Package	Ecosystem
subversion, mod_dav_svn	affected	Amazon	subversion, mod_dav_svn	—

Upstream advisory

ALAS-2017-795

ALAS · AL1Important2017-02-06

ALAS-2017-795: java-1.6.0-openjdk (important)

CVEs:CVE-2016-5542 CVE-2016-5554 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597

Affected products

Product	Status	Vendor	Package	Ecosystem
java-1.6.0-openjdk	affected	Amazon	java-1.6.0-openjdk	—

Upstream advisory

Advisories

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Affected products

Need live exploit intelligence?