Amazon Linux 2.0.20201111.0 release notes - Amazon Linux 2
Major updatesPackage updatesKernel updates
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon Linux 2.0.20201111.0 release notes

Amazon Linux 2 was updated.

Major updates

Amazon Linux 2 includes the following update.

  • The glibc bug fix for time calculation errors when using dates after 2038

  • Improved instance launch time

    • The new dracut-config-ec2 package ensures that the initramfs that are built for use inside EC2 don’t include extra files that aren’t used by default inside EC2. This has a small but measurable effect in reducing the time it takes to launch an Amazon Linux 2 EC2 instance. Note that, if you're reconfiguring your instance to use an LVM or software-RAID boot device, we recommend that you remove this package and generate an initramfs containing support for these virtual devices. Do this by running the following command:

      $ yum remove -y dracut-config-ec2
dracut -f

      This can be automated using cloud-init with the following cloud-config:

      #cloud-config
runcmd:
- yum remove -y dracut-config-ec2
- dracut –force

Package updates

More specifically, in this release, Amazon Linux 2 includes the following package updates.

Updated Packages (Old version → New version)

amazon-ssm-agent: 2.3.1319.0-1. → 3.0.161.0-1.

bash: 4.2.46-33. → 4.2.46-34.

cpio: 2.11-27. → 2.11-28.

e2fsprogs: None → 1.42.9-19.

e2fsprogs-libs: None → 1.42.9-19.

expat: None → 2.1.0-12.

glibc: 2.26-35. → 2.26-38.

glibc-all-langpacks: 2.26-35. → 2.26-38.

glibc-common: 2.26-35. → 2.26-38.

glibc-locale-source: 2.26-35. → 2.26-38.

glibc-minimal-langpack: 2.26-35. → 2.26-38.

hunspell: None → 1.3.2-16.

kernel: 4.14.193-149.317. → 4.14.203-156.332.

kernel-tools: 4.14.193-149.317. → 4.14.203-156.332.

libcroco: None → 0.6.12-6.

libcrypt: 2.26-35. → 2.26-38.

libmspack: 0.5-0.7.alpha. → 0.5-0.8.alpha.

libpng: None → 1.5.13-8.

libss: None → 1.42.9-19.

libtiff: 4.0.3-32. → 4.0.3-35.

libxslt: None → 1.1.28-6.

mariadb-libs: 5.5.64-1. → 5.5.68-1.

nspr: None → 4.25.0-2.

nss: 3.44.0-7. → 3.53.1-3.

nss-softokn: 3.44.0-8. → 3.53.1-6.

nss-softokn-freebl: 3.44.0-8. → 3.53.1-6.

nss-sysinit: 3.44.0-7. → 3.53.1-3.

nss-tools: 3.44.0-7. → 3.53.1-3.

nss-util: 3.44.0-4. → 3.53.1-1.

openldap: 2.4.44-15. → 2.4.44-22.

unzip: 6.0-20. → 6.0-21.

aws-cfn-bootstrap: None → 1.4-34.

dracut-config-ec2: None → 1.0-1.

ec2-net-utils: 1.4-2. → 1.4-3.

ec2-utils: 1.2-1. → 1.2-3.

glibc-devel: 2.26-35. → 2.26-38.

glibc-headers: 2.26-35. → 2.26-38.

kernel-devel: 4.14.193-149.317. → 4.14.203-156.332.

kernel-headers: 4.14.193-149.317. → 4.14.203-156.332.

nvidia: 418.87.00-0. → 450.80.02-0.

nvidia-dkms: 418.87.00-0. → 450.80.02-0.

glibc-langpack-en: 2.26-35. → 2.26-38.

Kernel updates

Rebase kernel to upstream stable 4.14.203.

CVEs fixed:

  • CVE-2020-12352 [Bluetooth: A2MP: Fixes the issue of not initializing all members]

  • CVE-2020-12351 [Bluetooth: L2CAP: Fixes the issue of calling sk_filter on non-socket based channel]

  • CVE-2020-24490 [Bluetooth: Fixes kernel oops in store_pending_adv_report]

  • CVE-2020-25211 [netfilter: ctnetlink: Adds a range check for l3/l4 protonum]

  • CVE-2020-0423 [binder: Fixes UAF when releasing todo list]

  • CVE-2020-14386 [net/packet: Fixes overflow in tpacket_rcv]

Other Fixes:

  • Soft lockup Issue during writeback in presence of memory reclaim

  • Fix CIFS trailing characters