Important: ganglia

2015-11-23T13:44:00
ID ALAS-2015-612
Type amazon
Reporter Amazon
Modified 2015-11-23T13:44:00

Description

Issue Overview:

Ganglia-web auth can be bypassed using boolean serialization (CVE-2015-6816 __).

Affected Packages:

ganglia

Issue Correction:
Run yum update ganglia to update your system.

New Packages:

i686:  
    ganglia-gmetad-3.7.2-2.19.amzn1.i686  
    ganglia-gmond-3.7.2-2.19.amzn1.i686  
    ganglia-devel-3.7.2-2.19.amzn1.i686  
    ganglia-gmond-python-3.7.2-2.19.amzn1.i686  
    ganglia-web-3.7.1-2.19.amzn1.i686  
    ganglia-3.7.2-2.19.amzn1.i686  
    ganglia-debuginfo-3.7.2-2.19.amzn1.i686

src:  
    ganglia-3.7.2-2.19.amzn1.src

x86_64:  
    ganglia-web-3.7.1-2.19.amzn1.x86_64  
    ganglia-devel-3.7.2-2.19.amzn1.x86_64  
    ganglia-gmond-python-3.7.2-2.19.amzn1.x86_64  
    ganglia-3.7.2-2.19.amzn1.x86_64  
    ganglia-debuginfo-3.7.2-2.19.amzn1.x86_64  
    ganglia-gmetad-3.7.2-2.19.amzn1.x86_64  
    ganglia-gmond-3.7.2-2.19.amzn1.x86_64