# Amazon Linux 2 version 2.0.20200722.0 release notes
<a name="relnotes-20200722"></a>

These are the release notes for Amazon Linux 2 version 2.0.20200722.0.

## Major updates
<a name="major-updates-20200722"></a>
+ This update contains security updates for libxml2 and thunderbird as well as a dependency bug fix for system-rpm-config.

## Package updates
<a name="package-updates-20200722"></a>

Amazon Linux 2 includes the following packages.
+ kernel-4.14.186-146.268.amzn2
+ libxml2-2.9.1-6.amzn2.4.1
+ qemu-3.1.0-8.amzn2.0.3
+ system-rpm-config-9.1.0-76.amzn2.0.10
+ thunderbird-68.10.0-1.amzn2

## Kernel updates
<a name="kernel-updates-20200722"></a>

Rebase kernel to upstream stable 4.14.186.

Update ENA module to version 2.2.10g.

CVEs fixed:
+ CVE-2018-20669 [Makes 'user\$1access\$1begin()' do 'access\$1ok()']
+ CVE-2019-19462 [kernel/relay.c: Handles alloc\$1percpu returning NULL in relay\$1open]
+ CVE-2020-0543 [Addressed in microcode]
+ CVE-2020-10732 [fs/binfmt\$1elf.c: Allocates initialized memory in fill\$1thread\$1core\$1info()]
+ CVE-2020-10757 [mm: Fixes mremap not considering huge pmd devmap]
+ CVE-2020-10766 [x86/speculation: Prepares for per task indirect branch speculation control]
+ CVE-2020-10767 [x86/speculation: Avoids force-disabling IBPB based on STIBP and enhanced IBRS]
+ CVE-2020-10768 [x86/speculation: PR\$1SPEC\$1FORCE\$1DISABLE enforcement for indirect branches]
+ CVE-2020-12771 [bcache: Fixes potential deadlock problem in btree\$1gc\$1coalesce]
+ CVE-2020-12888 [vfio-pci: Invalidates mmaps and block MMIO access on disabled memory]

Other Fixes:
+ Fixes disallowing holes in swap files [iomap: don't allow holes in swapfiles]
+ Fixes populating cache information [ACPI/PPTT: Handle architecturally unknown cache types]
+ Fixes memory leaks in vfio/pci [vfio/pci: fix memory leaks in alloc\$1perm\$1bits()]
+ Fixes error handling in btrfs [btrfs: fix error handling when submitting direct I/O bio]
+ Fixes race leading to null pointer dereference in ext4 [ext4: fix race between ext4\$1sync\$1parent() and rename()]
+ Fixes null pointer dereference in ext4 [ext4: fix error pointer dereference]
+ Fixes memory leak in slub allocator [mm/slub: fix a memory leak in sysfs\$1slab\$1add()]