Amazon Linux AMI : libxml2 (ALAS-2014-341)
Medium Nessus Plugin ID 78284
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionIt was discovered that libxml2, a library providing support to read, modify and write XML files, incorrectly performs entity substituton in the doctype prolog, even if the application using libxml2 disabled any entity substitution. A remote attacker could provide a specially crafted XML file that, when processed, would lead to the exhaustion of CPU and memory resources or file descriptors.
SolutionRun 'yum update libxml2' to update your system.