Amazon Linux 2 version 2.0.20211103.0 release notes
These are the release notes for Amazon Linux 2 version 2.0.20211103.0.
Major updates
-
system-releasewas updated to point the Amazon Linux repositories to the Amazon S3 dual stack IPv4/IPv6 endpoint.Note
The package data itself is still served from IPv4-only endpoints.
Package updates
Amazon Linux 2 includes the following packages.
| Packages |
|---|
|
aws-cfn-bootstrap-2.0-9.amzn2.noarch |
|
dracut-config-ec2-2.0-2.amzn2.noarch |
|
ec2-instance-connect-1.1-15.amzn2.noarch |
|
glibc-2.26-56.amzn2.aarch64 |
|
glibc-2.26-56.amzn2.x86_64 |
|
glibc-all-langpacks-2.26-56.amzn2.aarch64 |
|
glibc-all-langpacks-2.26-56.amzn2.x86_64 |
|
glibc-common-2.26-56.amzn2.aarch64 |
|
glibc-common-2.26-56.amzn2.x86_64 |
|
glibc-devel-2.26-56.amzn2.x86_64 |
|
glibc-headers-2.26-56.amzn2.x86_64 |
|
glibc-langpack-en-2.26-56.amzn2.aarch64 |
|
glibc-langpack-en-2.26-56.amzn2.x86_64 |
|
glibc-locale-source-2.26-56.amzn2.aarch64 |
|
glibc-locale-source-2.26-56.amzn2.x86_64 |
|
glibc-minimal-langpack-2.26-56.amzn2.aarch64 |
|
glibc-minimal-langpack-2.26-56.amzn2.x86_64 |
|
kernel-4.14.252-195.483.amzn2.aarch64 |
|
kernel-4.14.252-195.483.amzn2.x86_64 |
|
kernel-devel-4.14.252-195.483.amzn2.x86_64 |
|
kernel-headers-4.14.252-195.483.amzn2.x86_64 |
|
kernel-tools-4.14.252-195.483.amzn2.aarch64 |
|
kernel-tools-4.14.252-195.483.amzn2.x86_64 |
|
kpatch-runtime-0.9.4-2.amzn2.noarch |
|
libcrypt-2.26-56.amzn2.aarch64 |
|
libcrypt-2.26-56.amzn2.x86_64 |
|
openssl-1.0.2k-19.amzn2.0.10.aarch64 |
|
openssl-1.0.2k-19.amzn2.0.10.x86_64 |
|
openssl-libs-1.0.2k-19.amzn2.0.10.aarch64 |
|
openssl-libs-1.0.2k-19.amzn2.0.10.x86_64 |
|
system-release-2-14.amzn2.aarch64 |
|
system-release-2-14.amzn2.x86_64 |
Kernel updates
Rebase kernel to upstream stable 4.14.252.
CVEs fixed:
-
CVE-2021-37159 [usb: hso: fix error handling code of hso_create_net_device]
-
CVE-2021-3744 [crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()]
-
CVE-2021-3764 [crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()]
-
CVE-2021-20317 [lib/timerqueue: Rely on rbtree semantics for next timer]
-
CVE-2021-20321 [ovl: fix missing negative dentry check in ovl_rename()]
-
CVE-2021-41864 [bpf: Fix integer overflow in prealloc_elems_and_freelist()]
Amazon Features and Backports:
-
Enable nitro-enclaves driver for arm64
Other Fixes:
-
md: Fixes a lock order reversal in md_alloc
-
arm64: Marks stack_chk_guard as ro_after_init
-
cpufreq: schedutil: Uses kobject release() method to free sugov_tunables
-
cpufreq: schedutil: Destroys mutex before kobject_put() frees the memory
-
ext4: Fixes potential infinite loop in ext4_dx_readdir()
-
nfsd4: Handles the NFSv4 READDIR 'dircount' hint being zero
-
net_sched: Fixes NULL deref in fifo_set_limit()
-
perf/x86: Resets destroy callback on event init failure
-
virtio: Writes back F_VERSION_1 before validation
