- Newest
- Most votes
- Most comments
Hi AWS-User-3194526,
You can force a security update with - sudo yum update --security
.
"Long-term support for Amazon Linux 2 only applies to core packages and includes:
- AWS will provide security updates and bug fixes for all packages in core until June 30, 2025.
- AWS will maintain user-space Application Binary Interface (ABI) compatibility for the following packages in core:
elfutils-libelf, glibc, glibc-utils, hesiod, krb5-libs, libgcc, libgomp, libstdc++, libtbb.so, libtbbmalloc.so, libtbbmalloc_proxy.so, libusb, libxml2, libxslt, pam, audit-libs, audit-libs-python, bzip2-libs, c-ares, clutter, cups-libs, cyrus-sasl-gssapi, cyrus-sasl-lib, cyrus-sasl-md5, dbus-glib, dbus-libs, elfutils-libs, expat, fuse-libs, glib2, gmp, gnutls, httpd, libICE, libSM, libX11, libXau, libXaw, libXext, libXft, libXi, libXinerama, libXpm, libXrandr, libXrender, libXt, libXtst, libacl, libaio, libatomic, libattr, libblkid, libcap-ng, libdb, libdb-cxx, libgudev1, libhugetlbfs, libnotify, libpfm, libsmbclient, libtalloc, libtdb, libtevent, libusb, libuuid, ncurses-libs, nss, nss-sysinit, numactl, openssl, p11-kit, papi, pcre, perl, perl-Digest-SHA, perl-Time-Piece, perl-libs, popt, python, python-libs, readline, realmd, ruby, scl-utils, sqlite, systemd-libs, systemtap, tcl, tcp_wrappers-libs, xz-libs, and zlib
- AWS will provide Application Binary Interface (ABI) compatibility for all other packages in core unless providing such compatibility is not possible for reasons beyond AWS’s control." - Source - Amazon Linux 2 FAQs
Security updates are provided using the package repositories as well as updated AMI security alerts are published in the Amazon Linux Security Center. For more information about AWS security policies or to report a security problem, see AWS Cloud Security.
You can access Release notes for Amazon Linux 2 here.
Hope this helps.
As per https://aws.amazon.com/amazon-linux-2/faqs/ :
Q. Does AWS backport security fixes for Amazon Linux 2? Yes. Amazon routinely takes fixes out of the most recent version of upstream software packages and applies it to the version of the package in Amazon Linux 2. During this process, Amazon isolates the fix from any other changes, ensures that the fixes do not introduce unwanted side effects, and then applies the fixes.
i.e. if we move a bunch of these packages forward, there may be some unpleasant side-effects for customers. We have to be very careful when updating packages in Amazon Linux 2, as we do not want to break customers production environments.
I can suggest Amazon Linux 2023 as the base package versions in AL2023 are much newer than AL2. You can see the differences in packages in the release notes, and you can see Comparing AL2 and AL2023 in the User guide along with deprecated functionality.
Relevant content
- asked 2 years ago
- asked 2 years ago
- asked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 months ago