Amazon Linux AMI : python27 (ALAS-2018-1108)
Medium Nessus Plugin ID 119467
Synopsis
The remote Amazon Linux AMI host is missing a security update.
Description
A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop() method. An attacker could use this flaw to cause denial of service.(CVE-2018-1060)
A flaw was found in the way catastrophic backtracking was implemented in python's difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.(CVE-2018-1061)
Solution
Run 'yum update python27' to update your system.