Amazon Linux 2 version 2.0.20210126.0 release notes
These are the release notes for Amazon Linux 2 version 2.0.20210126.0.
Major updates
-
Amazon Linux 2 can now connect to its yum repositories over HTTPS. This can be enabled on boot or at runtime. Amazon Linux 2 can now connect to its yum repositories over HTTPS. This can be enabled on boot or at runtime.
Package updates
Amazon Linux 2 includes the following packages.
Packages |
---|
chrony-3.5.1-1.amzn2.0.1.aarch64 |
chrony-3.5.1-1.amzn2.0.1.x86_64 |
cloud-init-19.3-5.amzn2.noarch |
cuda-9.2.88-0.amzn2.x86_64 |
kernel-4.14.214-160.339.amzn2.aarch64 |
kernel-4.14.214-160.339.amzn2.x86_64 |
kernel-devel-4.14.214-160.339.amzn2.x86_64 |
kernel-headers-4.14.214-160.339.amzn2.x86_64 |
kernel-tools-4.14.214-160.339.amzn2.aarch64 |
kernel-tools-4.14.214-160.339.amzn2.x86_64 |
kpatch-runtime-0.9.2-4.amzn2.noarch |
libsss_idmap-1.16.5-10.amzn2.6.aarch64 |
libsss_idmap-1.16.5-10.amzn2.6.x86_64 |
libsss_nss_idmap-1.16.5-10.amzn2.6.aarch64 |
libsss_nss_idmap-1.16.5-10.amzn2.6.x86_64 |
ncurses-compat-libs-6.0-8.20170212.amzn2.1.3.x86_64 |
nettle-2.7.1-8.amzn2.0.2.aarch64 |
nettle-2.7.1-8.amzn2.0.2.x86_64 |
p11-kit-0.23.22-1.amzn2.0.1.aarch64 |
p11-kit-0.23.22-1.amzn2.0.1.x86_64 |
p11-kit-trust-0.23.22-1.amzn2.0.1.aarch64 |
p11-kit-trust-0.23.22-1.amzn2.0.1.x86_64 |
sssd-client-1.16.5-10.amzn2.6.aarch64 |
sssd-client-1.16.5-10.amzn2.6.x86_64 |
sudo-1.8.23-4.amzn2.2.1.aarch64 |
sudo-1.8.23-4.amzn2.2.1.x86_64 |
tzdata-2020d-2.amzn2.noarch |
xorg-x11-server-common-1.20.4-15.amzn2.0.1.x86_64 |
xorg-x11-server-Xorg-1.20.4-15.amzn2.0.1.x86_64 |
Kernel updates
Rebase kernel to upstream stable 4.14.214.
CVEs fixed:
-
CVE-2019-19813 [btrfs: inode: Verify inode mode to avoid NULL pointer dereference]
-
CVE-2019-19816 [btrfs: inode: Verify inode mode to avoid NULL pointer dereference]
-
CVE-2020-29661 [tty: Fix ->pgrp locking in tiocspgrp()]
-
CVE-2020-29660 [tty: Fix ->session locking]
-
CVE-2020-27830 [speakup: Reject setting the speakup line discipline outside of speakup]
-
CVE-2020-27815 [jfs: Fix array index bounds check in dbAdjTree]
-
CVE-2020-29568 [xen/xenbus: Allow watches discard events before queueing]
-
CVE-2020-29569 [xen-blkback: set ring->xenblkd to NULL after kthread_stop()]
Amazon Features and Backports:
-
SMB3: Adds support for getting and setting SACLs
-
Adds SMB 2 support for getting and setting SACLs
Other Fixes:
-
mm: memcontrol: Fixes excessive complexity in memory.stat reporting
-
PCI: Fixes pci_slot_release() NULL pointer dereference
-
ext4: Fixes deadlock with fs freezing and EA inodes
-
ext4: Fixes a memory leak of ext4_free_data
-
sched/deadline: Fixes sched_dl_global_validate()
-
cifs: Fixes potential use-after-free in cifs_echo_request()
-
btrfs: Fixes return value mixup in btrfs_get_extent
-
btrfs: Fixes lockdep splat when reading qgroup config on mount