Amazon Linux 2 version 2.0.20201218.0 release notes - Amazon Linux 2
Major updatesPackage updatesKernel updates

Amazon Linux 2 version 2.0.20201218.0 release notes

These are the release notes for Amazon Linux 2 version 2.0.20201218.0.

Major updates

  • Multiple security updates. For a complete list, see https://alas.aws.amazon.com/.

  • Renewed GPG key

  • Update to system-release to allow for use of HTTPS repositories for Amazon Linux

Package updates

Amazon Linux 2 includes the following packages.

Packages

amazon-linux-extras-1.6.13-1.amzn2.noarch

amazon-linux-extras-yum-plugin-1.6.13-1.amzn2.noarch

bind-export-libs-9.11.4-26.P2.amzn2.2.aarch64

bind-export-libs-9.11.4-26.P2.amzn2.2.x86_64

bind-libs-9.11.4-26.P2.amzn2.2.aarch64

bind-libs-9.11.4-26.P2.amzn2.2.x86_64

bind-libs-lite-9.11.4-26.P2.amzn2.2.aarch64

bind-libs-lite-9.11.4-26.P2.amzn2.2.x86_64

bind-license-9.11.4-26.P2.amzn2.2.noarch

bind-utils-9.11.4-26.P2.amzn2.2.aarch64

bind-utils-9.11.4-26.P2.amzn2.2.x86_64

cairo-1.15.12-4.amzn2.x86_64

cpp-7.3.1-12.amzn2.x86_64

dejavu-fonts-common-2.33-6.amzn2.noarch

dejavu-sans-fonts-2.33-6.amzn2.noarch

dejavu-sans-mono-fonts-2.33-6.amzn2.noarch

dejavu-serif-fonts-2.33-6.amzn2.noarch

fontconfig-2.13.0-4.3.amzn2.x86_64

fontpackages-filesystem-1.44-8.amzn2.noarch

freeglut-devel-3.0.0-8.amzn2.x86_64

freetype-2.8-14.amzn2.1.aarch64

freetype-2.8-14.amzn2.1.x86_64

gcc-7.3.1-12.amzn2.x86_64

gcc-c-7.3.1-12.amzn2.x86_64

giflib-4.1.6-9.amzn2.0.2.x86_64

glibc-2.26-39.amzn2.aarch64

glibc-2.26-39.amzn2.x86_64

glibc-all-langpacks-2.26-39.amzn2.aarch64

glibc-all-langpacks-2.26-39.amzn2.x86_64

glibc-common-2.26-39.amzn2.aarch64

glibc-common-2.26-39.amzn2.x86_64

glibc-devel-2.26-39.amzn2.x86_64

glibc-headers-2.26-39.amzn2.x86_64

glibc-langpack-en-2.26-39.amzn2.aarch64

glibc-langpack-en-2.26-39.amzn2.x86_64

glibc-locale-source-2.26-39.amzn2.aarch64

glibc-locale-source-2.26-39.amzn2.x86_64

glibc-minimal-langpack-2.26-39.amzn2.aarch64

glibc-minimal-langpack-2.26-39.amzn2.x86_64

gl-manpages-1.1-7.20130122.amzn2.noarch

gpg-pubkey-7fa2af80-576db785

java-11-amazon-corretto-11.0.912-1.amzn2.x86_64

java-11-amazon-corretto-headless-11.0.912-1.amzn2.x86_64

javapackages-tools-3.4.1-11.amzn2.noarch

kernel-4.14.209-160.339.amzn2.aarch64

kernel-4.14.209-160.339.amzn2.x86_64

kernel-devel-4.14.209-160.339.amzn2.x86_64

kernel-headers-4.14.209-160.339.amzn2.x86_64

kernel-tools-4.14.209-160.339.amzn2.aarch64

kernel-tools-4.14.209-160.339.amzn2.x86_64

libatomic-7.3.1-12.amzn2.x86_64

libcilkrts-7.3.1-12.amzn2.x86_64

libcrypt-2.26-39.amzn2.aarch64

libcrypt-2.26-39.amzn2.x86_64

libdrm-devel-2.4.97-2.amzn2.x86_64

libgcc-7.3.1-12.amzn2.aarch64

libgcc-7.3.1-12.amzn2.x86_64

libglvnd-core-devel-1.0.1-0.1.git5baa1e5.amzn2.0.1.x86_64

libglvnd-devel-1.0.1-0.1.git5baa1e5.amzn2.0.1.x86_64

libglvnd-opengl-1.0.1-0.1.git5baa1e5.amzn2.0.1.x86_64

libgomp-7.3.1-12.amzn2.aarch64

libgomp-7.3.1-12.amzn2.x86_64

libICE-devel-1.0.9-9.amzn2.0.2.x86_64

libitm-7.3.1-12.amzn2.x86_64

libmpx-7.3.1-12.amzn2.x86_64

libquadmath-7.3.1-12.amzn2.x86_64

libsanitizer-7.3.1-12.amzn2.x86_64

libSM-devel-1.2.2-2.amzn2.0.2.x86_64

libstdc-7.3.1-12.amzn2.aarch64

libstdc-7.3.1-12.amzn2.x86_64

libvdpau-1.1.1-3.amzn2.0.2.x86_64

libX11-1.6.7-3.amzn2.x86_64

libX11-common-1.6.7-3.amzn2.noarch

libX11-devel-1.6.7-3.amzn2.x86_64

libXau-devel-1.0.8-2.1.amzn2.0.2.x86_64

libxcb-devel-1.12-1.amzn2.0.2.x86_64

libXdamage-devel-1.1.4-4.1.amzn2.0.2.x86_64

libXext-devel-1.3.3-3.amzn2.0.2.x86_64

libXfixes-devel-5.0.3-1.amzn2.0.2.x86_64

libXi-devel-1.7.9-1.amzn2.0.2.x86_64

libXmu-devel-1.1.2-2.amzn2.0.2.x86_64

libxslt-1.1.28-6.amzn2.x86_64

libXt-devel-1.1.5-3.amzn2.0.2.x86_64

libXxf86vm-devel-1.1.4-1.amzn2.0.2.x86_64

mesa-khr-devel-18.3.4-5.amzn2.0.1.x86_64

mesa-libGL-devel-18.3.4-5.amzn2.0.1.x86_64

mesa-libGLU-devel-9.0.0-4.amzn2.0.2.x86_64

openssl-1.0.2k-19.amzn2.0.4.aarch64

openssl-1.0.2k-19.amzn2.0.4.x86_64

openssl-libs-1.0.2k-19.amzn2.0.4.aarch64

openssl-libs-1.0.2k-19.amzn2.0.4.x86_64

python-javapackages-3.4.1-11.amzn2.noarch

python-lxml-3.2.1-4.amzn2.0.2.x86_64

selinux-policy-3.13.1-192.amzn2.6.5.noarch

selinux-policy-targeted-3.13.1-192.amzn2.6.5.noarch

system-release-2-13.amzn2.aarch64

system-release-2-13.amzn2.x86_64

vulkan-filesystem-1.0.61.1-2.amzn2.noarch

xorg-x11-proto-devel-2018.4-1.amzn2.0.2.noarch

xorg-x11-server-common-1.20.4-12.amzn2.0.1.x86_64

xorg-x11-server-Xorg-1.20.4-12.amzn2.0.1.x86_64

Kernel updates

Rebase kernel to upstream stable 4.14.209.

ENA driver: update to v2.4.0

CVEs fixed:

  • CVE-2020-27777 [powerpc/rtas: Restricts RTAS requests from userspace]

  • CVE-2020-25668 [tty: Makes FONTX ioctl use the tty pointer they were actually passed]

  • CVE-2020-25656 [vt: Keyboard, extend func_buf_lock to readers]

  • CVE-2020-28974 [vt: Disables KD_FONT_OP_COPY]

  • CVE-2019-19770 [blktrace: Fixes debugfs use after free]

  • CVE-2020-8694 [powercap: Restricts energy meter to root access]

  • CVE-2020-14351 [perf/core: Fixes race in the perf_mmap_close() function]

  • CVE-2020-27673 [xen/events: Adds a proper barrier to 2-level uevent unmasking]

  • CVE-2020-27675 [xen/events: Avoids removing an event channel while handling it]

  • CVE-2020-25704 [perf/core: Fixes a memory leak in perf_event_parse_addr_filter()]

  • CVE-2020-25669 [Input: sunkbd * Avoids use-after-free in teardown paths]

  • CVE-2020-28941 [speakup: Doesn't let the line discipline be used several times]

Other Fixes:

  • PM: hibernate: Batch hibernate and resume IO requests

  • nfsd: Fixes races between nfsd4_cb_release() and nfsd4_shutdown_callback()

  • x86/unwind/orc: Fixes inactive tasks with stack pointer in %sp on GCC 10 compiled kernels

  • ext4: Fixes leaking sysfs kobject after failed mount

  • xfs: Flushes new eof page on truncate to avoid post-eof corruption

  • time: Prevents undefined behaviour in timespec64_to_ns()

  • mm: mempolicy: Fixes potential pte_unmap_unlock pte error

  • blk-cgroup: Fixes memleak on error path