本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
Amazon Linux 2023 版本 2023.0.20230322 发布说明
此主题包括 Amazon Linux 2023 (AL2023) 第二个正式发布 (GA) 版本的发布说明。这些发布说明适用于 AL2023 的 2023.0.20230322 版本。
主要更新
此版本是 Amazon Linux 2023 (AL2023) 的正式发布 (GA) 版本的更新。AL2023 是新一代的 Amazon Linux。它提供 5 年的支持,并在 Amazon Linux 中引入了诸如确定性更新、对 Graviton 处理器的更好优化等功能。AL2023 已为客户的生产工作负载做好了准备,我们鼓励客户立即开始从先前版本的 Amazon Linux 进行迁移。
有关 AL2023 的更多信息,请参阅 Amazon Linux 新增功能文章
AL2023 包括以下主要更新。
-
Systems Manager 补丁管理器现在支持 AL2023。
-
AL2023 的
Arm64版本采用一项名为指针身份验证 (PAC) 的功能构建。在支持的硬件 (Graviton 3) 上运行时,会对函数调用的返回地址进行签名和验证,从而为抵御一整类攻击增加一层额外的安全保护。 -
修复了
aarch64上的gcc使用可修补函数部分的问题,该问题导致kretprobe事件注册失败并影响 SystemTap 和perf工具的相关功能。 -
要深入了解 Amazon Linux 2 以来的变化,请参阅比较 Amazon Linux 2 与 AL2023。
已知问题
-
Amazon Inspector 对 AL2023 的支持将于 4 月推出。
-
从 AL2023 RC1 或更早版本升级实例时,为了避免出现启动顺序问题,您需要在升级之前向
/etc/default/grub中添加以下内容才能获得内核更新:GRUB_DEFAULT=saved GRUB_UPDATE_DEFAULT_KERNEL=true -
codedeploy代理当前不适用于 AL2023。 -
AL2023 包含一个已知问题,即不支持客户通过
DHCP定义的NTP服务器。解决方法 - 使用
/etc/chrony.d中的 config 文件配置 NTP 服务器 -
AL2023 尚未获得 FIPS 认证。它即将获得
FIPS 140-3认证。
安全更新
-
有关此版本中涉及的 CVE 的信息,请参阅 Amazon Linux 安全中心
。 -
要了解尚未解决的 CVE 的状态,请参阅 Amazon Linux 安全中心
。
联系我们
如果您发现安全问题,请点击此链接了解如何联系我们的安全团队
我们使用 GitHub 问题来收集有关 AL2023 的反馈并跟踪错误报告和功能请求。您可以查看现有问题
如果您对 AL2023 有疑问,请随时开始体验或加入讨论
存储库
自 AL2023.0.20230315 以来,AL2023.0.20230322 中的新软件包
将 AL2023.0.20230315 版本 2023.0.20230315 与 AL2023.0.20230322 版本 2023.0.20230322 进行比较。
| 软件包类型 | 与AL2023.0.20230315相比,AL2023.0.20230322中的新软件包数量与AL2023.0.20230315相比 |
|---|---|
| 源 RPM | 1 |
| 二进制 RPM 总数 | 2 |
x86_64 二进制 RPM |
1 |
aarch64 二进制 RPM |
1 |
AL2023.0.20230322 中的新软件包:
| 源 RPM | RPM | 架构 | 版本 |
|---|---|---|---|
trace-cmd
|
trace-cmd
|
aarch64、x86_64 | 2.7-10.amzn2023.0.1 |
AL2023.0.20230322 从 AL2023.0.20230315 升级
将 2023.0.20230 315 与 2023.0.20230322 进行比较。
| 软件包类型 | 计数 |
|---|---|
| 来源 | 25 |
| 二进制包总数 | 376 |
noarch 二进制 RPM |
112 |
x86_64 二进制 RPM |
135 |
aarch64 二进制 RPM |
129 |
RPM 软件包版本的完整比较如下。
| 源 RPM | RPM | 架构 | AL2023.0.20230315 版本 | AL2023.0.20230322 版本 |
|---|---|---|---|---|
autotrace
|
autotrace
|
aarch64、x86_64 | 0.31.1-62.amzn2023.0.2 | 0.31.9-86.amzn2023.0.1 |
autotrace-devel
|
aarch64、x86_64 | |||
containerd
|
containerd
|
aarch64、x86_64 | 1.6.8-2.amzn2023.0.3 | 1.6.8-2.amzn2023.0.4 |
containerd-stress
|
aarch64、x86_64 | |||
credentials-fetcher
|
credentials-fetcher
|
aarch64、x86_64 | 1.1.0-1.amzn2023.0.2 | 1.1.0-6.amzn2023.0.2 |
device-mapper-multipath
|
device-mapper-multipath
|
aarch64、x86_64 | 0.8.7-16.amzn2023.0.1 | 0.8.7-16.amzn2023.0.2 |
device-mapper-multipath-devel
|
aarch64、x86_64 | |||
device-mapper-multipath-libs
|
aarch64、x86_64 | |||
kpartx
|
aarch64、x86_64 | |||
libdmmp
|
aarch64、x86_64 | |||
libdmmp-devel
|
aarch64、x86_64 | |||
docker
|
docker
|
aarch64、x86_64 | 20.10.17-1.amzn2023.0.5 | 20.10.17-1.amzn2023.0.6 |
emacs
|
emacs
|
aarch64、x86_64 | 28.2-3.amzn2023.0.3 | 28.2-3.amzn2023.0.4 |
emacs-common
|
aarch64、x86_64 | |||
emacs-devel
|
aarch64、x86_64 | |||
emacs-filesystem
|
noarch | |||
emacs-lucid
|
aarch64、x86_64 | |||
emacs-nox
|
aarch64、x86_64 | |||
emacs-terminal
|
noarch | |||
gcc
|
cpp
|
aarch64、x86_64 | 11.3.1-4.amzn2023.0.2 | 11.3.1-4.amzn2023.0.3 |
gcc
|
aarch64、x86_64 | |||
gcc-c++
|
aarch64、x86_64 | |||
gcc-gdb-plugin
|
aarch64、x86_64 | |||
gcc-gfortran
|
aarch64、x86_64 | |||
gcc-offload-nvptx
|
x86_64 | |||
gcc-plugin-devel
|
aarch64、x86_64 | |||
libasan
|
aarch64、x86_64 | |||
libasan-static
|
aarch64、x86_64 | |||
libatomic
|
aarch64、x86_64 | |||
libatomic-static
|
aarch64、x86_64 | |||
libgcc
|
aarch64、x86_64 | |||
libgccjit
|
aarch64、x86_64 | |||
libgccjit-devel
|
aarch64、x86_64 | |||
libgfortran
|
aarch64、x86_64 | |||
libgfortran-static
|
aarch64、x86_64 | |||
libgomp
|
aarch64、x86_64 | |||
libgomp-offload-nvptx
|
x86_64 | |||
libitm
|
aarch64、x86_64 | |||
libitm-devel
|
aarch64、x86_64 | |||
libitm-static
|
aarch64、x86_64 | |||
liblsan
|
aarch64、x86_64 | |||
liblsan-static
|
aarch64、x86_64 | |||
libquadmath
|
x86_64 | |||
libquadmath-devel
|
x86_64 | |||
libquadmath-static
|
x86_64 | |||
libstdc++
|
aarch64、x86_64 | |||
libstdc++-devel
|
aarch64、x86_64 | |||
libstdc++-docs
|
aarch64、x86_64 | |||
libstdc++-static
|
aarch64、x86_64 | |||
libtsan
|
aarch64、x86_64 | |||
libtsan-static
|
aarch64、x86_64 | |||
libubsan
|
aarch64、x86_64 | |||
libubsan-static
|
aarch64、x86_64 | |||
golang
|
golang
|
aarch64、x86_64 | 1.19.3-2.amzn2023.0.2 | 1.19.6-1.amzn2023.0.1 |
golang-bin
|
aarch64、x86_64 | |||
golang-docs
|
noarch | |||
golang-misc
|
noarch | |||
golang-race
|
x86_64 | |||
golang-shared
|
aarch64、x86_64 | |||
golang-src
|
noarch | |||
golang-tests
|
noarch | |||
httpd
|
httpd
|
aarch64、x86_64 | 2.4.55-1.amzn2023 | 2.4.56-1.amzn2023 |
httpd-core
|
aarch64、x86_64 | |||
httpd-devel
|
aarch64、x86_64 | |||
httpd-filesystem
|
noarch | |||
httpd-manual
|
noarch | |||
httpd-tools
|
aarch64、x86_64 | |||
mod_ldap
|
aarch64、x86_64 | |||
mod_lua
|
aarch64、x86_64 | |||
mod_proxy_html
|
aarch64、x86_64 | |||
mod_session
|
aarch64、x86_64 | |||
mod_ssl
|
aarch64、x86_64 | |||
kernel
|
bpftool
|
aarch64、x86_64 | 6.1.15-28.43.amzn2023 | 6.1.19-30.43.amzn2023 |
kernel
|
aarch64、x86_64 | |||
kernel-devel
|
aarch64、x86_64 | |||
kernel-headers
|
aarch64、x86_64 | |||
kernel-libbpf
|
aarch64、x86_64 | |||
kernel-libbpf-devel
|
aarch64、x86_64 | |||
kernel-libbpf-static
|
aarch64、x86_64 | |||
kernel-tools
|
aarch64、x86_64 | |||
kernel-tools-devel
|
aarch64、x86_64 | |||
perf
|
aarch64、x86_64 | |||
python3-perf
|
aarch64、x86_64 | |||
keyutils
|
keyutils
|
aarch64、x86_64 | 1.6.1-2.amzn2023.0.2 | 1.6.3-1.amzn2023 |
keyutils-libs
|
aarch64、x86_64 | |||
keyutils-libs-devel
|
aarch64、x86_64 | |||
nmap
|
nmap
|
aarch64、x86_64 | 7.80-11.amzn2023.0.3 | 7.93-1.amzn2023 |
nmap-ncat
|
aarch64、x86_64 | |||
opensc
|
opensc
|
aarch64、x86_64 | 0.22.0-4.amzn2023.0.3 | 0.23.0-3.amzn2023 |
openscap
|
openscap
|
aarch64、x86_64 | 1.3.5-2.amzn2023.0.3 | 1.3.7-1.amzn2023.0.1 |
openscap-containers
|
noarch | |||
openscap-devel
|
aarch64、x86_64 | |||
openscap-engine-sce
|
aarch64、x86_64 | |||
openscap-engine-sce-devel
|
aarch64、x86_64 | |||
openscap-python3
|
aarch64、x86_64 | |||
openscap-scanner
|
aarch64、x86_64 | |||
openscap-utils
|
aarch64、x86_64 | |||
php8.1
|
php8.1
|
aarch64、x86_64 | 8.1.14-1.amzn2023.0.2 | 8.1.16-1.amzn2023.0.1 |
php8.1-bcmath
|
aarch64、x86_64 | |||
php8.1-cli
|
aarch64、x86_64 | |||
php8.1-common
|
aarch64、x86_64 | |||
php8.1-dba
|
aarch64、x86_64 | |||
php8.1-dbg
|
aarch64、x86_64 | |||
php8.1-devel
|
aarch64、x86_64 | |||
php8.1-embedded
|
aarch64、x86_64 | |||
php8.1-enchant
|
aarch64、x86_64 | |||
php8.1-ffi
|
aarch64、x86_64 | |||
php8.1-fpm
|
aarch64、x86_64 | |||
php8.1-gd
|
aarch64、x86_64 | |||
php8.1-gmp
|
aarch64、x86_64 | |||
php8.1-intl
|
aarch64、x86_64 | |||
php8.1-ldap
|
aarch64、x86_64 | |||
php8.1-mbstring
|
aarch64、x86_64 | |||
php8.1-mysqlnd
|
aarch64、x86_64 | |||
php8.1-odbc
|
aarch64、x86_64 | |||
php8.1-opcache
|
aarch64、x86_64 | |||
php8.1-pdo
|
aarch64、x86_64 | |||
php8.1-pgsql
|
aarch64、x86_64 | |||
php8.1-process
|
aarch64、x86_64 | |||
php8.1-soap
|
aarch64、x86_64 | |||
php8.1-tidy
|
aarch64、x86_64 | |||
php8.1-xml
|
aarch64、x86_64 | |||
polkit
|
polkit
|
aarch64、x86_64 | 0.117-10.amzn2023.0.3 | 0.117-11.amzn2023 |
polkit-devel
|
aarch64、x86_64 | |||
polkit-docs
|
noarch | |||
polkit-libs
|
aarch64、x86_64 | |||
python-pillow
|
python3-pillow
|
aarch64、x86_64 | 9.0.1-6.amzn2023.0.3 | 9.4.0-2.amzn2023.0.1 |
python3-pillow-devel
|
aarch64、x86_64 | |||
python3-pillow-tk
|
aarch64、x86_64 | |||
setools
|
python3-setools
|
aarch64、x86_64 | 4.4.0-9.amzn2023.0.2 | 4.4.1-1.amzn2023 |
setools
|
aarch64、x86_64 | |||
setools-console
|
aarch64、x86_64 | |||
sudo
|
sudo
|
aarch64、x86_64 | 1.9.12-1.p2.amzn2023.0.3 | 1.9.13-1.p2.amzn2023.0.1 |
sudo-devel
|
aarch64、x86_64 | |||
sudo-logsrvd
|
aarch64、x86_64 | |||
sudo-python-plugin
|
aarch64、x86_64 | |||
system-release
|
amazon-linux-repo-cdn
|
noarch | 2023.0.20230315-1.amzn2023 | 2023.0.20230322-0.amzn2023 |
amazon-linux-repo-s3
|
noarch | |||
kernel-livepatch-repo-cdn
|
noarch | |||
kernel-livepatch-repo-s3
|
noarch | |||
system-release
|
noarch | |||
tomcat9
|
tomcat9
|
noarch | 9.0.64-1.amzn2023.0.2 | 9.0.71-1.amzn2023.0.1 |
tomcat9-admin-webapps
|
noarch | |||
tomcat9-docs-webapp
|
noarch | |||
tomcat9-el-3.0-api
|
noarch | |||
tomcat9-jsp-2.3-api
|
noarch | |||
tomcat9-lib
|
noarch | |||
tomcat9-servlet-4.0-api
|
noarch | |||
tomcat9-webapps
|
noarch | |||
udica
|
udica
|
noarch | 0.2.6-3.amzn2023.0.1 | 0.2.7-4.amzn2023.0.1 |
unbound
|
python3-unbound
|
aarch64、x86_64 | 1.16.3-2.amzn2023.0.1 | 1.17.1-1.amzn2023.0.1 |
unbound
|
aarch64、x86_64 | |||
unbound-anchor
|
aarch64、x86_64 | |||
unbound-devel
|
aarch64、x86_64 | |||
unbound-libs
|
aarch64、x86_64 | |||
unbound-utils
|
aarch64、x86_64 | |||
update-motd
|
update-motd
|
noarch | 2.0-1.amzn2023.0.3 | 2.1-1.amzn2023 |
vim
|
vim-common
|
aarch64、x86_64 | 9.0.1314-1.amzn2023.0.2 | 9.0.1367-1.amzn2023.0.1 |
vim-data
|
noarch | |||
vim-default-editor
|
noarch | |||
vim-enhanced
|
aarch64、x86_64 | |||
vim-filesystem
|
noarch | |||
vim-minimal
|
aarch64、x86_64 |
Docker 容器映像
以下软件包已删除。
-
amazon-linux-repo-cdn-2023.0.20230315-1.amzn2023 -
keyutils-libs-1.6.1-2.amzn2023.0.2 -
libgcc-11.3.1-4.amzn2023.0.2 -
libgomp-11.3.1-4.amzn2023.0.2 -
libstdc++-11.3.1-4.amzn2023.0.2 -
system-release-2023.0.20230315-1.amzn2023
以下软件包已更新。
-
amazon-linux-repo-cdn-2023.0.20230322-0.amzn2023 -
keyutils-libs-1.6.3-1.amzn2023 -
libgcc-11.3.1-4.amzn2023.0.3 -
libgomp-11.3.1-4.amzn2023.0.3 -
libstdc++-11.3.1-4.amzn2023.0.3 -
system-release-2023.0.20230322-0.amzn2023
默认 AMI
以下软件包已删除。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
以下软件包已更新。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
AMI 最低版本
以下软件包已删除。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
以下软件包已更新。
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
