# Amazon Linux 2 version 2.0.20210219.0 release notes
<a name="relnotes-20210219"></a>

These are the release notes for Amazon Linux 2 version 2.0.20210219.0.

## Major updates
<a name="major-updates-20210219"></a>

None.

## Package updates
<a name="package-updates-20210219"></a>

Amazon Linux 2 includes the following packages.


| Packages | 
| --- | 
| boost-date-time-1.53.0-27.amzn2.0.5.x86\_64 | 
| boost-system-1.53.0-27.amzn2.0.5.x86\_64 | 
| boost-thread-1.53.0-27.amzn2.0.5.x86\_64 | 
| ca-certificates-2020.2.41-70.0.amzn2.0.1.noarch | 
| glibc-2.26-41.amzn2.aarch64 | 
| glibc-2.26-41.amzn2.x86\_64 | 
| glibc-all-langpacks-2.26-41.amzn2.aarch64 | 
| glibc-all-langpacks-2.26-41.amzn2.x86\_64 | 
| glibc-common-2.26-41.amzn2.aarch64 | 
| glibc-common-2.26-41.amzn2.x86\_64 | 
| glibc-devel-2.26-41.amzn2.x86\_64 | 
| glibc-headers-2.26-41.amzn2.x86\_64 | 
| glibc-langpack-en-2.26-41.amzn2.aarch64 | 
| glibc-langpack-en-2.26-41.amzn2.x86\_64 | 
| glibc-locale-source-2.26-41.amzn2.aarch64 | 
| glibc-locale-source-2.26-41.amzn2.x86\_64 | 
| glibc-minimal-langpack-2.26-41.amzn2.aarch64 | 
| glibc-minimal-langpack-2.26-41.amzn2.x86\_64 | 
| kernel-4.14.219-161.340.amzn2.aarch64 | 
| kernel-4.14.219-161.340.amzn2.x86\_64 | 
| kernel-devel-4.14.219-161.340.amzn2.x86\_64 | 
| kernel-headers-4.14.219-161.340.amzn2.x86\_64 | 
| kernel-tools-4.14.219-161.340.amzn2.aarch64 | 
| kernel-tools-4.14.219-161.340.amzn2.x86\_64 | 
| libcrypt-2.26-41.amzn2.aarch64 | 
| libcrypt-2.26-41.amzn2.x86\_64 | 
| openssl-1.0.2k-19.amzn2.0.6.aarch64 | 
| openssl-1.0.2k-19.amzn2.0.6.x86\_64 | 
| openssl-libs-1.0.2k-19.amzn2.0.6.aarch64 | 
| openssl-libs-1.0.2k-19.amzn2.0.6.x86\_64 | 
| perl-5.16.3-299.amzn2.0.1.aarch64 | 
| perl-5.16.3-299.amzn2.0.1.x86\_64 | 
| perl-libs-5.16.3-299.amzn2.0.1.aarch64 | 
| perl-libs-5.16.3-299.amzn2.0.1.x86\_64 | 
| perl-macros-5.16.3-299.amzn2.0.1.aarch64 | 
| perl-macros-5.16.3-299.amzn2.0.1.x86\_64 | 
| perl-Pod-Escapes-1.04-299.amzn2.0.1.noarch | 
| pygpgme-0.3-9.amzn2.0.3.aarch64 | 
| pygpgme-0.3-9.amzn2.0.3.x86\_64 | 
| python-2.7.18-1.amzn2.0.3.aarch64 | 
| python-2.7.18-1.amzn2.0.3.x86\_64 | 
| python-devel-2.7.18-1.amzn2.0.3.aarch64 | 
| python-devel-2.7.18-1.amzn2.0.3.x86\_64 | 
| python-libs-2.7.18-1.amzn2.0.3.aarch64 | 
| python-libs-2.7.18-1.amzn2.0.3.x86\_64 | 
| rng-tools-6.8-3.amzn2.0.5.aarch64 | 
| rng-tools-6.8-3.amzn2.0.5.x86\_64 | 
| selinux-policy-3.13.1-192.amzn2.6.7.noarch | 
| selinux-policy-targeted-3.13.1-192.amzn2.6.7.noarch | 
| sudo-1.8.23-10.amzn2.1.aarch64 | 
| sudo-1.8.23-10.amzn2.1.x86\_64 | 
| unzip-6.0-43.amzn2.aarch64 | 
| unzip-6.0-43.amzn2.x86\_64 | 

## Kernel updates
<a name="kernel-updates-20210219"></a>

Rebase kernel to upstream stable 4.14.219.

CVEs fixed:
+ CVE-2020-28374 [scsi: target: Fixes XCOPY NAA identifier lookup]
+ CVE-2021-3178 [nfsd4: readdirplus shouldn't return parent of export]
+ CVE-2020-27825 [tracing: Fixes race in trace\_open and buffer resize call]
+ CVE-2021-3347 [futex: Ensures the correct return value from futex\_lock\_pi()]
+ CVE-2021-3348 [nbd: Freezes the queue while we're adding connections]

Amazon Features and Backports:
+ NFS: Do uncached readdir when we're seeking a cookie in an empty page cache

Other Fixes:


| Fixes | 
| --- | 
| virtio\_net: Fixes issue of recursive call to cpus\_read\_lock() | 
| net-sysfs: Uses the rtnl lock when storing xps\_cpus | 
| net: ethernet: ti: cpts: Fixes ethtool output when no ptp\_clock registered | 
| vhost\_net: Fixes ubuf refcount incorrectly when sendmsg fails | 
| net-sysfs: Uses the rtnl lock when accessing xps\_cpus\_map and num\_tc | 
| crypto: ecdh - Avoids buffer overflow in ecdh\_set\_secret() | 
| x86/mm: Fixes leak of pmd ptlock | 
| KVM: x86: Fixes shift out of bounds reported by UBSAN | 
| net: ip: Always refragment ip defragmented packets | 
| x86/resctrl: Uses an IPI instead of task\_work\_add() to update PQR\_ASSOC MSR | 
| x86/resctrl: Doesn't move a task to the same resource group | 
| cpufreq: powernow-k8: Passes policy rather than use cpufreq\_cpu\_get() | 
| iommu/intel: Fixed memleak in intel\_irq\_remapping\_alloc | 
| KVM: arm64: Doesn't access PMCR\_EL0 when no PMU is available | 
| mm/hugetlb: Fixes potential missing huge page size info | 
| dm snapshot: Adds flush merged data before committing metadata | 
| ext4: Fixes bug for rename with RENAME\_WHITEOUT | 
| NFS4: Fixes use-after-free in trace\_event\_raw\_event\_nfs4\_set\_lock | 
| ext4: Fixes superblock checksum failure when setting password salt | 
| mm, slub: Considers rest of partial list if acquire\_slab() fails | 
| rxrpc: Fixes handling of an unsupported token type in rxrpc\_read() | 
| tipc: Fixes NULL deref in tipc\_link\_xmit() | 
| net: Uses skb\_list\_del\_init() to remove from RX sublists | 
| net: Introduces skb\_list\_walk\_safe for skb segment walking | 
| dm: Avoids filesystem lookup in dm\_get\_dev\_t() | 
| skbuff: Backs tiny skbs with kmalloc() in \_\_netdev\_alloc\_skb() too | 
| tracing: Fixed race in trace\_open and buffer resize call | 
| x86/boot/compressed: Disables relocation relaxation | 
| nbd: Freezes the queue while we're adding connections | 
| KVM: x86: Gets smi pending status correctly | 
| x86/entry/64/compat: Preserves r8-r11 in int $0x80 | 
| x86/entry/64/compat: Fixes x86/entry/64/compat: Preserve r8-r11 in int $0x80 |