Overview

File _patchinfo of Package patchinfo.13670

<patchinfo incident="13670">
  <issue tracker="bnc" id="1105988">VUL-1: CVE-2018-15869: aws-cli: The Amazon Web Services (AWS) CLI version 1.15.85 (and possibly earlierversions) does not require the --owners flag when describing images, which makesit easier for remote attackers to trigger the loading o</issue>
  <issue tracker="bnc" id="1118099">aws-cli-1.16.48-1.1.noarch requires python3-colorama &lt;= 0.3.9, but this requirement cannot be provided</issue>
  <issue tracker="bnc" id="1118021">Update aws-cli, botocore and dependencies to latest version</issue>
  <issue tracker="bnc" id="1092493">aws CLI tool fails to run: ModuleNotFoundError: No module named 'botocore.vendored'</issue>
  <issue tracker="bnc" id="1118024">Update aws-cli, botocore and dependencies to latest version</issue>
  <issue tracker="cve" id="2018-15869"/>
  <packager>rjschwei</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for aws-cli</summary>
  <description>This update for aws-cli to version 1.16.297 fixes the following issues:

Security issue fixed:

- CVE-2018-15869: Fixed an permission handling issue where an unexpected AMI could potentially be used (bsc#1105988).

Non-security issues fixed:

- Fixed an issue with the CLI client, where a ModuleNotFoundError was triggered (bsc#1092493).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places