Amazon Linux 2.0.20201111.0 release notes - Amazon Linux 2

Amazon Linux 2.0.20201111.0 release notes

Amazon Linux 2 was updated.

Major updates

Amazon Linux 2 includes the following update.

  • The glibc bug fix for time calculation errors when using dates after 2038

  • Improved instance launch time

    • The new dracut-config-ec2 package ensures that the initramfs that are built for use inside EC2 don’t include extra files that aren’t used by default inside EC2. This has a small but measurable effect in reducing the time it takes to launch an Amazon Linux 2 EC2 instance. Note that, if you're reconfiguring your instance to use an LVM or software-RAID boot device, we recommend that you remove this package and generate an initramfs containing support for these virtual devices. Do this by running the following command:

      yum remove -y dracut-config-ec2 dracut -f

      This can be automated using cloud-init with the following cloud-config:

      #cloud-config runcmd: - yum remove -y dracut-config-ec2 - dracut –force

Package updates

More specifically, in this release, Amazon Linux 2 includes the following package updates.

Updated Packages (Old version → New version)

amazon-ssm-agent: 2.3.1319.0-1. → 3.0.161.0-1.

bash: 4.2.46-33. → 4.2.46-34.

cpio: 2.11-27. → 2.11-28.

e2fsprogs: None → 1.42.9-19.

e2fsprogs-libs: None → 1.42.9-19.

expat: None → 2.1.0-12.

glibc: 2.26-35. → 2.26-38.

glibc-all-langpacks: 2.26-35. → 2.26-38.

glibc-common: 2.26-35. → 2.26-38.

glibc-locale-source: 2.26-35. → 2.26-38.

glibc-minimal-langpack: 2.26-35. → 2.26-38.

hunspell: None → 1.3.2-16.

kernel: 4.14.193-149.317. → 4.14.203-156.332.

kernel-tools: 4.14.193-149.317. → 4.14.203-156.332.

libcroco: None → 0.6.12-6.

libcrypt: 2.26-35. → 2.26-38.

libmspack: 0.5-0.7.alpha. → 0.5-0.8.alpha.

libpng: None → 1.5.13-8.

libss: None → 1.42.9-19.

libtiff: 4.0.3-32. → 4.0.3-35.

libxslt: None → 1.1.28-6.

mariadb-libs: 5.5.64-1. → 5.5.68-1.

nspr: None → 4.25.0-2.

nss: 3.44.0-7. → 3.53.1-3.

nss-softokn: 3.44.0-8. → 3.53.1-6.

nss-softokn-freebl: 3.44.0-8. → 3.53.1-6.

nss-sysinit: 3.44.0-7. → 3.53.1-3.

nss-tools: 3.44.0-7. → 3.53.1-3.

nss-util: 3.44.0-4. → 3.53.1-1.

openldap: 2.4.44-15. → 2.4.44-22.

unzip: 6.0-20. → 6.0-21.

aws-cfn-bootstrap: None → 1.4-34.

dracut-config-ec2: None → 1.0-1.

ec2-net-utils: 1.4-2. → 1.4-3.

ec2-utils: 1.2-1. → 1.2-3.

glibc-devel: 2.26-35. → 2.26-38.

glibc-headers: 2.26-35. → 2.26-38.

kernel-devel: 4.14.193-149.317. → 4.14.203-156.332.

kernel-headers: 4.14.193-149.317. → 4.14.203-156.332.

nvidia: 418.87.00-0. → 450.80.02-0.

nvidia-dkms: 418.87.00-0. → 450.80.02-0.

glibc-langpack-en: 2.26-35. → 2.26-38.

Kernel updates

Rebase kernel to upstream stable 4.14.203.

CVEs fixed:

  • CVE-2020-12352 [Bluetooth: A2MP: Fixes the issue of not initializing all members]

  • CVE-2020-12351 [Bluetooth: L2CAP: Fixes the issue of calling sk_filter on non-socket based channel]

  • CVE-2020-24490 [Bluetooth: Fixes kernel oops in store_pending_adv_report]

  • CVE-2020-25211 [netfilter: ctnetlink: Adds a range check for l3/l4 protonum]

  • CVE-2020-0423 [binder: Fixes UAF when releasing todo list]

  • CVE-2020-14386 [net/packet: Fixes overflow in tpacket_rcv]

Other Fixes:

  • Soft lockup Issue during writeback in presence of memory reclaim

  • Fix CIFS trailing characters