Amazon Linux 2.0.20210219.0 release notes - Amazon Linux 2
Major updatesPackage updatesKernel updates
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon Linux 2.0.20210219.0 release notes

Amazon Linux 2 was updated.

Major updates

Amazon Linux 2 includes the following update.

  • None

Package updates

Amazon Linux 2 includes the following packages.

Packages

boost-date-time-1.53.0-27.amzn2.0.5.x86_64

boost-system-1.53.0-27.amzn2.0.5.x86_64

boost-thread-1.53.0-27.amzn2.0.5.x86_64

ca-certificates-2020.2.41-70.0.amzn2.0.1.noarch

glibc-2.26-41.amzn2.aarch64

glibc-2.26-41.amzn2.x86_64

glibc-all-langpacks-2.26-41.amzn2.aarch64

glibc-all-langpacks-2.26-41.amzn2.x86_64

glibc-common-2.26-41.amzn2.aarch64

glibc-common-2.26-41.amzn2.x86_64

glibc-devel-2.26-41.amzn2.x86_64

glibc-headers-2.26-41.amzn2.x86_64

glibc-langpack-en-2.26-41.amzn2.aarch64

glibc-langpack-en-2.26-41.amzn2.x86_64

glibc-locale-source-2.26-41.amzn2.aarch64

glibc-locale-source-2.26-41.amzn2.x86_64

glibc-minimal-langpack-2.26-41.amzn2.aarch64

glibc-minimal-langpack-2.26-41.amzn2.x86_64

kernel-4.14.219-161.340.amzn2.aarch64

kernel-4.14.219-161.340.amzn2.x86_64

kernel-devel-4.14.219-161.340.amzn2.x86_64

kernel-headers-4.14.219-161.340.amzn2.x86_64

kernel-tools-4.14.219-161.340.amzn2.aarch64

kernel-tools-4.14.219-161.340.amzn2.x86_64

libcrypt-2.26-41.amzn2.aarch64

libcrypt-2.26-41.amzn2.x86_64

openssl-1.0.2k-19.amzn2.0.6.aarch64

openssl-1.0.2k-19.amzn2.0.6.x86_64

openssl-libs-1.0.2k-19.amzn2.0.6.aarch64

openssl-libs-1.0.2k-19.amzn2.0.6.x86_64

perl-5.16.3-299.amzn2.0.1.aarch64

perl-5.16.3-299.amzn2.0.1.x86_64

perl-libs-5.16.3-299.amzn2.0.1.aarch64

perl-libs-5.16.3-299.amzn2.0.1.x86_64

perl-macros-5.16.3-299.amzn2.0.1.aarch64

perl-macros-5.16.3-299.amzn2.0.1.x86_64

perl-Pod-Escapes-1.04-299.amzn2.0.1.noarch

pygpgme-0.3-9.amzn2.0.3.aarch64

pygpgme-0.3-9.amzn2.0.3.x86_64

python-2.7.18-1.amzn2.0.3.aarch64

python-2.7.18-1.amzn2.0.3.x86_64

python-devel-2.7.18-1.amzn2.0.3.aarch64

python-devel-2.7.18-1.amzn2.0.3.x86_64

python-libs-2.7.18-1.amzn2.0.3.aarch64

python-libs-2.7.18-1.amzn2.0.3.x86_64

rng-tools-6.8-3.amzn2.0.5.aarch64

rng-tools-6.8-3.amzn2.0.5.x86_64

selinux-policy-3.13.1-192.amzn2.6.7.noarch

selinux-policy-targeted-3.13.1-192.amzn2.6.7.noarch

sudo-1.8.23-10.amzn2.1.aarch64

sudo-1.8.23-10.amzn2.1.x86_64

unzip-6.0-43.amzn2.aarch64

unzip-6.0-43.amzn2.x86_64

Kernel updates

Rebase kernel to upstream stable 4.14.219.

CVEs fixed:

  • CVE-2020-28374 [scsi: target: Fixes XCOPY NAA identifier lookup]

  • CVE-2021-3178 [nfsd4: readdirplus shouldn't return parent of export]

  • CVE-2020-27825 [tracing: Fixes race in trace_open and buffer resize call]

  • CVE-2021-3347 [futex: Ensures the correct return value from futex_lock_pi()]

  • CVE-2021-3348 [nbd: Freezes the queue while we're adding connections]

Amazon Features and Backports:

  • NFS: Do uncached readdir when we're seeking a cookie in an empty page cache

Other Fixes:

Fixes

virtio_net: Fixes issue of recursive call to cpus_read_lock()

net-sysfs: Uses the rtnl lock when storing xps_cpus

net: ethernet: ti: cpts: Fixes ethtool output when no ptp_clock registered

vhost_net: Fixes ubuf refcount incorrectly when sendmsg fails

net-sysfs: Uses the rtnl lock when accessing xps_cpus_map and num_tc

crypto: ecdh - Avoids buffer overflow in ecdh_set_secret()

x86/mm: Fixes leak of pmd ptlock

KVM: x86: Fixes shift out of bounds reported by UBSAN

net: ip: Always refragment ip defragmented packets

x86/resctrl: Uses an IPI instead of task_work_add() to update PQR_ASSOC MSR

x86/resctrl: Doesn't move a task to the same resource group

cpufreq: powernow-k8: Passes policy rather than use cpufreq_cpu_get()

iommu/intel: Fixed memleak in intel_irq_remapping_alloc

KVM: arm64: Doesn't access PMCR_EL0 when no PMU is available

mm/hugetlb: Fixes potential missing huge page size info

dm snapshot: Adds flush merged data before committing metadata

ext4: Fixes bug for rename with RENAME_WHITEOUT

NFS4: Fixes use-after-free in trace_event_raw_event_nfs4_set_lock

ext4: Fixes superblock checksum failure when setting password salt

mm, slub: Considers rest of partial list if acquire_slab() fails

rxrpc: Fixes handling of an unsupported token type in rxrpc_read()

tipc: Fixes NULL deref in tipc_link_xmit()

net: Uses skb_list_del_init() to remove from RX sublists

net: Introduces skb_list_walk_safe for skb segment walking

dm: Avoids filesystem lookup in dm_get_dev_t()

skbuff: Backs tiny skbs with kmalloc() in __netdev_alloc_skb() too

tracing: Fixed race in trace_open and buffer resize call

x86/boot/compressed: Disables relocation relaxation

nbd: Freezes the queue while we're adding connections

KVM: x86: Gets smi pending status correctly

x86/entry/64/compat: Preserves r8-r11 in int $0x80

x86/entry/64/compat: Fixes x86/entry/64/compat: Preserve r8-r11 in int $0x80