Amazon Linux 05/29/2020 release notes - Amazon Linux 2
Major updatesPackage updatesKernel updates
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon Linux 05/29/2020 release notes

Amazon Linux 2 was updated.

Major updates

Amazon Linux 2 includes the following update.

  • Kernel includes fix for Important ALAS: https://alas.aws.amazon.com/AL2/ALAS-2020-1425.html

  • Amazon Linux 2 Customers are encouraged to try out Kernel Live Patching Public Preview, which would apply CVE fixes without a reboot. See https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/al2-live-patching.html

Package updates

Amazon Linux 2 includes the following packages.

Packages

aws-cfn-bootstrap-1.4-32.amzn2.0.1

awscli-1.16.300-1.amzn2.0.2

bind-export-libs-9.11.4-9.P2.amzn2.0.3

bind-libs-9.11.4-9.P2.amzn2.0.3

bind-libs-lite-9.11.4-9.P2.amzn2.0.3.

bind-license-9.11.4-9.P2.amzn2.0.3

bind-utils-9.11.4-9.P2.amzn2.0.3

freeglut-3.0.0-8.amzn2

freetype-2.8-14.amzn2

gdisk-0.8.10-3.amzn2

glib2-2.56.1-5.amzn2.0.1

gnupg2-2.0.22-5.amzn2.0.4

kernel-4.14.177-139.254.amzn2

kernel-tools-4.14.177-139.254.amzn2

langtable-0.0.31-4.amzn2

langtable-data-0.0.31-4

langtable-python-0.0.31-4

libX11-1.6.7-2.amzn2

libX11-common-1.6.7-2.amzn2

libXfont2-2.0.3-1.amzn2

libXrandr-1.5.1-2.amzn2.0.3

libdrm-2.4.97-2.amzn2

libfastjson-0.99.4-3.amzn2

libglvnd-1.0.1-0.1.git5baa1e5.amzn2.0.1

libglvnd-egl-1.0.1-0.1.git5baa1e5.amzn2.0.1

libglvnd-gles-1.0.1-0.1.git5baa1e5.amzn2.0.1

libglvnd-glx-1.0.1-0.1.git5baa1e5.amzn2.0.1

libicu-50.2-4.amzn2, libpng-1.5.13-7.amzn2.0.2

libtirpc-0.2.4-0.16.amzn2

libwayland-client-1.17.0-1.amzn2

libwayland-server-1.17.0-1.amzn2

mesa-libEGL-18.3.4-5.amzn2.0.1

mesa-libGL-18.3.4-5.amzn2.0.1

mesa-libgbm-18.3.4-5.amzn2.0.1

mesa-libglapi-18.3.4-5.amzn2.0.1

microcode_ctl-2.1-47.amzn2.0.6

openssl-1.0.2k-19.amzn2.0.3

openssl-libs-1.0.2k-19.amzn2.0.3

python-pillow-2.0.0-20.gitd1c6db8.amzn2.0.1

python2-rpm-4.11.3-40.amzn2.0.4

rpm-4.11.3-40.amzn2.0.4

rpm-build-libs-4.11.3-40.amzn2.0.4

rpm-libs-4.11.3-40.amzn2.0.4

rpm-plugin-systemd-inhibit-4.11.3-40.amzn2.0.4

selinux-policy-3.13.1-192.amzn2.6.1

selinux-policy-targeted-3.13.1-192.amzn2.6.1

sudo-1.8.23-4.amzn2.2

xorg-x11-server-Xorg-1.20.4-7.amzn2.0.2

xorg-x11-server-common-1.20.4-7.amzn2.0.2

yum-3.4.3-158.amzn2.0.4

Kernel updates

Rebase kernel to upstream stable 4.14.177.

CVEs fixed:

  • CVE-2020-10711 [netlabel: cope with NULL catmap]

  • CVE-2020-12826 [Extend exec_id to 64bits]

  • CVE-2020-12657 [block, bfq: fix use-after-free in bfq_idle_slice_timer_body]

  • CVE-2020-11565 [mm: mempolicy: require at least one nodeid for MPOL_PREFERRED]

  • CVE-2020-8648 [vt: selection, close sel_buffer race]

  • CVE-2020-1094 [vhost: Check docket sk_family instead of call getname]

  • CVE-2020-8649 [vgacon: Fix a UAF in vgacon_invert_region]

  • CVE-2020-8647 [vgacon: Fix a UAF in vgacon_invert_region]

  • CVE-2020-8648 [vt: selection, close sel_buffer race]

Other Fixes:

  • Divide by zero scheduler fix

  • Enabled L2TP in the configuration