Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Amazon Linux 2 version 2.0.20211201.0 release notes

Focus mode
Amazon Linux 2 version 2.0.20211201.0 release notes - Amazon Linux 2

These are the release notes for Amazon Linux 2 version 2.0.20211201.0.

Major updates

  • Updated NSS to fix CVE-2021-43527. Network Security Services (NSS) up to and including version 3.73 is vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications that use NSS for handling signatures that are encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications that use NSS for certificate validation or other TLS, X.509, OCSP, or CRL functionality might be impacted. This depends on how they configure NSS. When verifying a DER-encoded signature, NSS decodes the signature into a fixed-size buffer and passes the buffer to the underlying PKCS \#11 module. The length of the signature isn't correctly checked when processing DSA and RSA-PSS signatures. DSA and RSA-PSS signatures larger than 16,384 bits overflows the buffer in VFYContextStr. The vulnerable code is located within secvfy.c:vfy_CreateContext.

Package updates

Amazon Linux 2 includes the following packages.

  • nspr-4.32.0-1.amzn2.aarch64

  • nspr-4.32.0-1.amzn2.x86_64

  • nss-3.67.0-4.amzn2.0.1.aarch64

  • nss-3.67.0-4.amzn2.0.1.x86_64

  • nss-softokn-3.67.0-3.amzn2.aarch64

  • nss-softokn-3.67.0-3.amzn2.x86_64

  • nss-softokn-freebl-3.67.0-3.amzn2.aarch6

  • nss-softokn-freebl-3.67.0-3.amzn2.x86_64

  • nss-sysinit-3.67.0-4.amzn2.0.1.aarch64

  • nss-sysinit-3.67.0-4.amzn2.0.1.x86_64

  • nss-tools-3.67.0-4.amzn2.0.1.aarch64

  • nss-tools-3.67.0-4.amzn2.0.1.x86_64

  • nss-util-3.67.0-1.amzn2.aarch64

  • nss-util-3.67.0-1.amzn2.x86_64

  • selinux-policy-3.13.1-268.amzn2.2.2.noarch

  • selinux-policy-targeted-3.13.1-268.amzn2.2.2.noarch

Kernel updates

None.

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.