lambci / docker-lambda

Docker images and test runners that replicate the live AWS Lambda environment

ALAS-2021-1484 Changes

rogerducky opened this issue · comments

According to https://alas.aws.amazon.com/ALAS-2021-1484.html, a "severe" vulnerability was found in the Python interpreters, requiring they be updated.

I couldn't figure out where the 3.8 versioned packages were, so was not able to update those.

Here's a diff for the Python 2.7 and 3.6 interpreters, though:

diff --git a/base/packages.txt b/base/packages.txt
index 3c951be..7e5e4fb 100644
--- a/base/packages.txt
+++ b/base/packages.txt
@@ -181,16 +181,16 @@ popt-1.13-7.7.amzn1.x86_64
 procps-3.2.8-45.16.amzn1.x86_64
 psmisc-22.20-8.12.amzn1.x86_64
 pth-2.0.7-9.3.7.amzn1.x86_64
-python27-2.7.18-2.141.amzn1.x86_64
+python27-2.7.18-2.140.amzn1.x86_64
 python27-iniparse-0.3.1-2.1.9.amzn1.noarch
-python27-libs-2.7.18-2.141.amzn1.x86_64
+python27-libs-2.7.18-2.140.amzn1.x86_64
 python27-pycurl-7.19.0-17.12.amzn1.x86_64
 python27-pygpgme-0.3-9.12.amzn1.x86_64
 python27-pyliblzma-0.5.3-11.6.amzn1.x86_64
 python27-pyxattr-0.5.0-1.6.amzn1.x86_64
 python27-urlgrabber-3.10-8.16.amzn1.noarch
-python36-3.6.12-1.20.amzn1.x86_64
-python36-libs-3.6.12-1.20.amzn1.x86_64
+python36-3.6.12-1.19.amzn1.x86_64
+python36-libs-3.6.12-1.19.amzn1.x86_64
 python36-pip-9.0.3-1.27.amzn1.noarch
 python36-setuptools-36.2.7-1.33.amzn1.noarch
 readline-6.2-9.14.amzn1.x86_64
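
Review bot: the direction of this hunk looks reversed. On all four changed entries the `+` line carries a lower release number than the `-` line it replaces (python27 and python27-libs go from 2.7.18-2.141 to 2.7.18-2.140, python36 and python36-libs from 3.6.12-1.20 to 3.6.12-1.19), so applying it as written would pin base/packages.txt to the older builds rather than update them. Please regenerate the diff with the old and new files swapped, and confirm the resulting versions against the fixed package list in the ALAS-2021-1484 advisory before merging. The python27 and python36 entries are the only ones touched here, so the 3.8 interpreter mentioned in the issue text still needs a separate change wherever its packages are tracked.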