Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
Amazon Linux 2 06/17/2020 release notes - Amazon Linux 2
Major updatesPackage updatesKernel updates

Amazon Linux 2 06/17/2020 release notes

RSS

These are release notes for Amazon Linux 2.

Major updates

  • Python 2.7 updated to most recent upstream version - 2.7.18.

    Note

    Amazon Linux will continue to provide security fixes to Python 2.7 according to our Amazon Linux 2 support timeline. See Amazon Linux 2 FAQs.

  • ca-certificates fix for Sectigo intermediate CA expiration

    Note

    For more information, see this forum thread.

  • New Kernel with fixes for five CVEs (see below).

Package updates

Amazon Linux 2 includes the following packages.

Packages

amazon-linux-extras-1.6.11-1

bind-export-libs-9.11.4-9

ca-certificates-2019.2.32-76

cloud-init-19.3-3,freetype-2.8-14

gdisk-0.8.10-3,glib2-2.56.1-5

kernel-4.14.181-140.257

libicu-50.2-4

libpng-1.5.13-7

python-2.7.18-1

python-devel-2.7.18-1

python-libs-2.7.18-1

python2-rpm-4.11.3-40

rpm-4.11.3-40

rpm-build-libs-4.11.3-40

rpm-libs-4.11.3-40

rpm-plugin-systemd-inhibit-4.11.3-40

selinux-policy-3.13.1-192

selinux-policy-targeted-3.13.1-192

yum-3.4.3-1

Kernel updates

Rebase kernel to upstream stable 4.14.181.

Updated ENA module to version 2.2.8.

CVEs fixed:

  • CVE-2019-19319 [ext4: Protects journal inode's blocks using block_validity]

  • CVE-2020-10751 [selinux: Properly handles multiple messages in selinux_netlink_send()]

  • CVE-2020-1749 [net: ipv6_stub: Uses ip6_dst_lookup_flow instead of ip6_dst_lookup]

  • CVE-2019-19768 [blktrace: Protects q->blk_trace with RCU]

  • CVE-2020-12770 [scsi: sg: Adds sg_remove_request in sg_write]

Other Fixes:

  • Fix for a deadlock condition in xen-blkfront [xen-blkfront: Delay flush till queue lock dropped]

  • Fix for ORC unwinding [x86/unwind/orc: Fix unwind_get_return_address_ptr() for inactive tasks]

Next topic:

May 29, 2020

Previous topic:

July 22, 2020

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.