# Amazon Linux 2 version 2.0.20210219.0 release notes
<a name="relnotes-20210219"></a>

These are the release notes for Amazon Linux 2 version 2.0.20210219.0.

## Major updates
<a name="major-updates-20210219"></a>

None.

## Package updates
<a name="package-updates-20210219"></a>

Amazon Linux 2 includes the following packages.


| Packages | 
| --- | 
|  boost-date-time-1.53.0-27.amzn2.0.5.x86\$164  | 
|  boost-system-1.53.0-27.amzn2.0.5.x86\$164  | 
|  boost-thread-1.53.0-27.amzn2.0.5.x86\$164  | 
|  ca-certificates-2020.2.41-70.0.amzn2.0.1.noarch  | 
|  glibc-2.26-41.amzn2.aarch64  | 
|  glibc-2.26-41.amzn2.x86\$164  | 
|  glibc-all-langpacks-2.26-41.amzn2.aarch64  | 
|  glibc-all-langpacks-2.26-41.amzn2.x86\$164  | 
|  glibc-common-2.26-41.amzn2.aarch64  | 
|  glibc-common-2.26-41.amzn2.x86\$164  | 
|  glibc-devel-2.26-41.amzn2.x86\$164  | 
|  glibc-headers-2.26-41.amzn2.x86\$164  | 
|  glibc-langpack-en-2.26-41.amzn2.aarch64  | 
|  glibc-langpack-en-2.26-41.amzn2.x86\$164  | 
|  glibc-locale-source-2.26-41.amzn2.aarch64  | 
|  glibc-locale-source-2.26-41.amzn2.x86\$164  | 
|  glibc-minimal-langpack-2.26-41.amzn2.aarch64  | 
|  glibc-minimal-langpack-2.26-41.amzn2.x86\$164  | 
|  kernel-4.14.219-161.340.amzn2.aarch64  | 
|  kernel-4.14.219-161.340.amzn2.x86\$164  | 
|  kernel-devel-4.14.219-161.340.amzn2.x86\$164  | 
|  kernel-headers-4.14.219-161.340.amzn2.x86\$164  | 
|  kernel-tools-4.14.219-161.340.amzn2.aarch64  | 
|  kernel-tools-4.14.219-161.340.amzn2.x86\$164  | 
|  libcrypt-2.26-41.amzn2.aarch64  | 
|  libcrypt-2.26-41.amzn2.x86\$164  | 
|  openssl-1.0.2k-19.amzn2.0.6.aarch64  | 
|  openssl-1.0.2k-19.amzn2.0.6.x86\$164  | 
|  openssl-libs-1.0.2k-19.amzn2.0.6.aarch64  | 
|  openssl-libs-1.0.2k-19.amzn2.0.6.x86\$164  | 
|  perl-5.16.3-299.amzn2.0.1.aarch64  | 
|  perl-5.16.3-299.amzn2.0.1.x86\$164  | 
|  perl-libs-5.16.3-299.amzn2.0.1.aarch64  | 
|  perl-libs-5.16.3-299.amzn2.0.1.x86\$164  | 
|  perl-macros-5.16.3-299.amzn2.0.1.aarch64  | 
|  perl-macros-5.16.3-299.amzn2.0.1.x86\$164  | 
|  perl-Pod-Escapes-1.04-299.amzn2.0.1.noarch  | 
|  pygpgme-0.3-9.amzn2.0.3.aarch64  | 
|  pygpgme-0.3-9.amzn2.0.3.x86\$164  | 
|  python-2.7.18-1.amzn2.0.3.aarch64  | 
|  python-2.7.18-1.amzn2.0.3.x86\$164  | 
|  python-devel-2.7.18-1.amzn2.0.3.aarch64  | 
|  python-devel-2.7.18-1.amzn2.0.3.x86\$164  | 
|  python-libs-2.7.18-1.amzn2.0.3.aarch64  | 
|  python-libs-2.7.18-1.amzn2.0.3.x86\$164  | 
|  rng-tools-6.8-3.amzn2.0.5.aarch64  | 
|  rng-tools-6.8-3.amzn2.0.5.x86\$164  | 
|  selinux-policy-3.13.1-192.amzn2.6.7.noarch  | 
|  selinux-policy-targeted-3.13.1-192.amzn2.6.7.noarch  | 
|  sudo-1.8.23-10.amzn2.1.aarch64  | 
|  sudo-1.8.23-10.amzn2.1.x86\$164  | 
|  unzip-6.0-43.amzn2.aarch64  | 
|  unzip-6.0-43.amzn2.x86\$164  | 

## Kernel updates
<a name="kernel-updates-20210219"></a>

Rebase kernel to upstream stable 4.14.219.

CVEs fixed:
+ CVE-2020-28374 [scsi: target: Fixes XCOPY NAA identifier lookup]
+ CVE-2021-3178 [nfsd4: readdirplus shouldn't return parent of export]
+ CVE-2020-27825 [tracing: Fixes race in trace\$1open and buffer resize call]
+ CVE-2021-3347 [futex: Ensures the correct return value from futex\$1lock\$1pi()]
+ CVE-2021-3348 [nbd: Freezes the queue while we're adding connections]

Amazon Features and Backports:
+ NFS: Do uncached readdir when we're seeking a cookie in an empty page cache

Other Fixes:


| Fixes | 
| --- | 
|  virtio\$1net: Fixes issue of recursive call to cpus\$1read\$1lock()  | 
|  net-sysfs: Uses the rtnl lock when storing xps\$1cpus  | 
|  net: ethernet: ti: cpts: Fixes ethtool output when no ptp\$1clock registered  | 
|  vhost\$1net: Fixes ubuf refcount incorrectly when sendmsg fails  | 
|  net-sysfs: Uses the rtnl lock when accessing xps\$1cpus\$1map and num\$1tc  | 
|  crypto: ecdh - Avoids buffer overflow in ecdh\$1set\$1secret()  | 
|  x86/mm: Fixes leak of pmd ptlock  | 
|  KVM: x86: Fixes shift out of bounds reported by UBSAN  | 
|  net: ip: Always refragment ip defragmented packets  | 
|  x86/resctrl: Uses an IPI instead of task\$1work\$1add() to update PQR\$1ASSOC MSR  | 
|  x86/resctrl: Doesn't move a task to the same resource group  | 
|  cpufreq: powernow-k8: Passes policy rather than use cpufreq\$1cpu\$1get()  | 
|  iommu/intel: Fixed memleak in intel\$1irq\$1remapping\$1alloc  | 
|  KVM: arm64: Doesn't access PMCR\$1EL0 when no PMU is available  | 
|  mm/hugetlb: Fixes potential missing huge page size info  | 
|  dm snapshot: Adds flush merged data before committing metadata  | 
|  ext4: Fixes bug for rename with RENAME\$1WHITEOUT  | 
|  NFS4: Fixes use-after-free in trace\$1event\$1raw\$1event\$1nfs4\$1set\$1lock  | 
|  ext4: Fixes superblock checksum failure when setting password salt  | 
|  mm, slub: Considers rest of partial list if acquire\$1slab() fails  | 
|  rxrpc: Fixes handling of an unsupported token type in rxrpc\$1read()  | 
|  tipc: Fixes NULL deref in tipc\$1link\$1xmit()  | 
|  net: Uses skb\$1list\$1del\$1init() to remove from RX sublists  | 
|  net: Introduces skb\$1list\$1walk\$1safe for skb segment walking  | 
|  dm: Avoids filesystem lookup in dm\$1get\$1dev\$1t()  | 
|  skbuff: Backs tiny skbs with kmalloc() in \$1\$1netdev\$1alloc\$1skb() too  | 
|  tracing: Fixed race in trace\$1open and buffer resize call  | 
|  x86/boot/compressed: Disables relocation relaxation  | 
|  nbd: Freezes the queue while we're adding connections  | 
|  KVM: x86: Gets smi pending status correctly  | 
|  x86/entry/64/compat: Preserves r8-r11 in int \$10x80  | 
|  x86/entry/64/compat: Fixes x86/entry/64/compat: Preserve r8-r11 in int \$10x80  |