Amazon Linux 2.0.20200722.0 release notes
Amazon Linux 2 was updated.
Major updates
Amazon Linux 2 includes the following update.
-
This update contains security updates for libxml2 and thunderbird as well as a dependency bug fix for system-rpm-config.
Package updates
Amazon Linux 2 includes the following packages.
-
kernel-4.14.186-146.268.amzn2
-
libxml2-2.9.1-6.amzn2.4.1
-
qemu-3.1.0-8.amzn2.0.3
-
system-rpm-config-9.1.0-76.amzn2.0.10
-
thunderbird-68.10.0-1.amzn2
Kernel updates
Rebase kernel to upstream stable 4.14.186.
Update ENA module to version 2.2.10g.
CVEs fixed:
-
CVE-2018-20669 [Makes 'user_access_begin()' do 'access_ok()']
-
CVE-2019-19462 [kernel/relay.c: Handles alloc_percpu returning NULL in relay_open]
-
CVE-2020-0543 [Addressed in microcode]
-
CVE-2020-10732 [fs/binfmt_elf.c: Allocates initialized memory in fill_thread_core_info()]
-
CVE-2020-10757 [mm: Fixes mremap not considering huge pmd devmap]
-
CVE-2020-10766 [x86/speculation: Prepares for per task indirect branch speculation control]
-
CVE-2020-10767 [x86/speculation: Avoids force-disabling IBPB based on STIBP and enhanced IBRS]
-
CVE-2020-10768 [x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches]
-
CVE-2020-12771 [bcache: Fixes potential deadlock problem in btree_gc_coalesce]
-
CVE-2020-12888 [vfio-pci: Invalidates mmaps and block MMIO access on disabled memory]
Other Fixes:
-
Fixes disallowing holes in swap files [iomap: don't allow holes in swapfiles]
-
Fixes populating cache information [ACPI/PPTT: Handle architecturally unknown cache types]
-
Fixes memory leaks in vfio/pci [vfio/pci: fix memory leaks in alloc_perm_bits()]
-
Fixes error handling in btrfs [btrfs: fix error handling when submitting direct I/O bio]
-
Fixes race leading to null pointer dereference in ext4 [ext4: fix race between ext4_sync_parent() and rename()]
-
Fixes null pointer dereference in ext4 [ext4: fix error pointer dereference]
-
Fixes memory leak in slub allocator [mm/slub: fix a memory leak in sysfs_slab_add()]