# Amazon Linux 2 version 2.0.20201111.0 release notes
<a name="relnotes-20201111"></a>

These are the release notes for Amazon Linux 2 version 2.0.20201111.0.

## Major updates
<a name="major-updates-20201111"></a>
+ The glibc bug fix for time calculation errors when using dates after 2038
+ Improved instance launch time 
  + The new dracut-config-ec2 package ensures that the initramfs that are built for use inside EC2 don’t include extra files that aren’t used by default inside EC2. This has a small but measurable effect in reducing the time it takes to launch an Amazon Linux 2 EC2 instance. Note that, if you're reconfiguring your instance to use an LVM or software-RAID boot device, we recommend that you remove this package and generate an initramfs containing support for these virtual devices. Do this by running the following command:

    ```
    $ yum remove -y dracut-config-ec2
    dracut -f
    ```

    This can be automated using cloud-init with the following cloud-config:

    ```
    #cloud-config
    runcmd:
    - yum remove -y dracut-config-ec2
    - dracut –force
    ```

## Package updates
<a name="package-updates-20201111"></a>

More specifically, in this release, Amazon Linux 2 includes the following package updates.


| Updated Packages (Old version → New version) | 
| --- | 
|  amazon-ssm-agent: 2.3.1319.0-1. → 3.0.161.0-1.  | 
|  bash: 4.2.46-33. → 4.2.46-34.  | 
|  cpio: 2.11-27. → 2.11-28.  | 
|  e2fsprogs: None → 1.42.9-19.  | 
|  e2fsprogs-libs: None → 1.42.9-19.  | 
|  expat: None → 2.1.0-12.  | 
|  glibc: 2.26-35. → 2.26-38.  | 
|  glibc-all-langpacks: 2.26-35. → 2.26-38.  | 
|  glibc-common: 2.26-35. → 2.26-38.  | 
|  glibc-locale-source: 2.26-35. → 2.26-38.  | 
|  glibc-minimal-langpack: 2.26-35. → 2.26-38.  | 
|  hunspell: None → 1.3.2-16.  | 
|  kernel: 4.14.193-149.317. → 4.14.203-156.332.  | 
|  kernel-tools: 4.14.193-149.317. → 4.14.203-156.332.  | 
|  libcroco: None → 0.6.12-6.  | 
|  libcrypt: 2.26-35. → 2.26-38.  | 
|  libmspack: 0.5-0.7.alpha. → 0.5-0.8.alpha.  | 
|  libpng: None → 1.5.13-8.  | 
|  libss: None → 1.42.9-19.  | 
|  libtiff: 4.0.3-32. → 4.0.3-35.  | 
|  libxslt: None → 1.1.28-6.  | 
|  mariadb-libs: 5.5.64-1. → 5.5.68-1.  | 
|  nspr: None → 4.25.0-2.  | 
|  nss: 3.44.0-7. → 3.53.1-3.  | 
|  nss-softokn: 3.44.0-8. → 3.53.1-6.  | 
|  nss-softokn-freebl: 3.44.0-8. → 3.53.1-6.  | 
|  nss-sysinit: 3.44.0-7. → 3.53.1-3.  | 
|  nss-tools: 3.44.0-7. → 3.53.1-3.  | 
|  nss-util: 3.44.0-4. → 3.53.1-1.  | 
|  openldap: 2.4.44-15. → 2.4.44-22.  | 
|  unzip: 6.0-20. → 6.0-21.  | 
|  aws-cfn-bootstrap: None → 1.4-34.  | 
|  dracut-config-ec2: None → 1.0-1.  | 
|  ec2-net-utils: 1.4-2. → 1.4-3.  | 
|  ec2-utils: 1.2-1. → 1.2-3.  | 
|  glibc-devel: 2.26-35. → 2.26-38.  | 
|  glibc-headers: 2.26-35. → 2.26-38.  | 
|  kernel-devel: 4.14.193-149.317. → 4.14.203-156.332.  | 
|  kernel-headers: 4.14.193-149.317. → 4.14.203-156.332.  | 
|  nvidia: 418.87.00-0. → 450.80.02-0.  | 
|  nvidia-dkms: 418.87.00-0. → 450.80.02-0.  | 
|  glibc-langpack-en: 2.26-35. → 2.26-38.  | 

## Kernel updates
<a name="kernel-updates-20201111"></a>

Rebase kernel to upstream stable 4.14.203.

CVEs fixed:
+ CVE-2020-12352 [Bluetooth: A2MP: Fixes the issue of not initializing all members]
+ CVE-2020-12351 [Bluetooth: L2CAP: Fixes the issue of calling sk\$1filter on non-socket based channel]
+ CVE-2020-24490 [Bluetooth: Fixes kernel oops in store\$1pending\$1adv\$1report]
+ CVE-2020-25211 [netfilter: ctnetlink: Adds a range check for l3/l4 protonum]
+ CVE-2020-0423 [binder: Fixes UAF when releasing todo list]
+ CVE-2020-14386 [net/packet: Fixes overflow in tpacket\$1rcv]

Other Fixes:
+ Soft lockup Issue during writeback in presence of memory reclaim
+ Fix CIFS trailing characters