Release Summary Important Advisory Notice Repository Updates Image Updates

Amazon Linux 2 version 2.0.20250721.2 release notes

These are the release notes for Amazon Linux 2 version 2.0.20250721.2.

Release Summary

This release of Amazon Linux 2 includes the latest security updates.

Security updates

For information on the CVEs addressed in the previous release, see the Amazon Linux Security Center.
For visibility into the status of CVEs that haven't been addressed yet, see the Amazon Linux Security Center.

Important Advisory Notice

The security advisories associated with the packages in this release are missing from the repository metadata and ALAS website. As a result, systems relying on repository metadata to track or apply security updates (ie: "dnf/yum update --security") will not be aware of the new updates available in this release. Systems leveraging the latest AMIs will have the latest updates.

We understand the importance of security visibility and compliance, and we are actively working to resolve this issue. A follow-up release that includes the repository metadata will be published during the week of July 28, 2025.

The full list of CVEs that are fixed with this release include:

AL2 Core

New Package NVR	Old Package NVR	CVE(s)
git-2.47.3-1.amzn2.0.1	git-2.47.1-1.amzn2.0.3	CVE-2025-27613, CVE-2025-27614, CVE-2025-46835, CVE-2025-48384, CVE-2025-48385
golang-1.23.11-1.amzn2.0.1	golang-1.23.10-1.amzn2.0.2	CVE-2025-4674
jackson-1.9.4-7.amzn2.0.1	jackson-1.9.4-7.amzn2	CVE-2025-52999
java-11-amazon-corretto-11.0.28+6-1.amzn2	java-11-amazon-corretto-11.0.27+6-1.amzn2	CVE-2025-30749, CVE-2025-30754, CVE-2025-30761, CVE-2025-50059, CVE-2025-50106
java-17-amazon-corretto-17.0.16+8-1.amzn2.1	java-17-amazon-corretto-17.0.15+6-1.amzn2.1	CVE-2025-30749, CVE-2025-30754, CVE-2025-50059, CVE-2025-50106
jq-1.5-1.amzn2.0.3	jq-1.5-1.amzn2	CVE-2024-23337
kernel-4.14.355-280.652.amzn2	kernel-4.14.355-280.651.amzn2	CVE-2022-50092, CVE-2025-23150, CVE-2025-38051
libarchive-3.1.2-14.amzn2.0.5	libarchive-3.1.2-14.amzn2.0.4	CVE-2025-5917
libxml2-2.9.1-6.amzn2.5.19	libxml2-2.9.1-6.amzn2.5.18	CVE-2025-49794, CVE-2025-49796
mtr-0.92-2.amzn2.0.2	mtr-0.92-2.amzn2.0.1	CVE-2025-49809
perl-Crypt-OpenSSL-RSA-0.28-7.amzn2.0.3	perl-Crypt-OpenSSL-RSA-0.28-7.amzn2	CVE-2024-2467
pixman-0.34.0-1.amzn2.0.3	pixman-0.34.0-1.amzn2	CVE-2022-44638
python-pip-20.2.2-1.amzn2.0.12	python-pip-20.2.2-1.amzn2.0.11	CVE-2025-50181
ruby-2.0.0.648-36.amzn2.0.15	ruby-2.0.0.648-36.amzn2.0.14	CVE-2025-6442
rust-1.86.0-1.amzn2.0.2	rust-1.86.0-1.amzn2.0.1	CVE-2025-53605

AL2 Extras ECS

New Package NVR	Old Package NVR	CVE(s)
containerd-2.0.5-1.amzn2.0.2	containerd-1.7.27-1.amzn2.0.3	CVE-2025-4673
docker-25.0.8-1.amzn2.0.5	docker-25.0.8-1.amzn2.0.4	CVE-2025-4673
ecs-init-1.96.0-1.amzn2	ecs-init-1.95.0-1.amzn2	CVE-2025-22874, CVE-2025-4673
runc-1.2.6-1.amzn2	runc-1.2.4-3.amzn2	CVE-2025-4673

AL2 Extras GIMP

New Package NVR	Old Package NVR	CVE(s)
gimp-2.8.22-1.amzn2.0.7	gimp-2.8.22-1.amzn2.0.6	CVE-2025-6035

AL2 Extras Kernel-5.10

New Package NVR	Old Package NVR	CVE(s)
kernel-5.10.239-236.958.amzn2	kernel-5.10.238-234.956.amzn2	CVE-2022-50000, CVE-2024-46855, CVE-2024-57883, CVE-2024-57996, CVE-2025-37958, CVE-2025-37963, CVE-2025-38084, CVE-2025-38161

AL2 Extras Kernel-5.15

New Package NVR	Old Package NVR	CVE(s)
kernel-5.15.187-130.192.amzn2	kernel-5.15.186-128.192.amzn2	CVE-2025-37938, CVE-2025-37945, CVE-2025-38062, CVE-2025-38064

AL2 Extras Livepatch

New Package NVR	Old Package NVR	CVE(s)
kernel-livepatch-5.10.236-227.928-1.0-2.amzn2	This is a new addition	CVE-2025-38037
kernel-livepatch-5.10.236-228.935-1.0-2.amzn2	This is a new addition	CVE-2025-38037
kernel-livepatch-5.10.237-230.948-1.0-1.amzn2	This is a new addition	CVE-2025-38037
kernel-livepatch-5.10.237-230.949-1.0-1.amzn2	This is a new addition	CVE-2025-38037

AL2 Extras Mate-desktop1.x

New Package NVR	Old Package NVR	CVE(s)
djvulibre-3.5.27-30.amzn2.0.4	djvulibre-3.5.27-30.amzn2.0.3	CVE-2025-53367

Repository Updates

Core Updated Packages

This section provides details about core updated packages.

aws-cfn-bootstrap-2.0-35.amzn2

git-2.47.3-1.amzn2.0.1

golang-1.23.11-1.amzn2.0.1

jackson-1.9.4-7.amzn2.0.1

java-11-amazon-corretto-11.0.28+6-1.amzn2

java-17-amazon-corretto-17.0.16+8-1.amzn2.1

jq-1.5-1.amzn2.0.3

kernel-4.14.355-280.652.amzn2

libarchive-3.1.2-14.amzn2.0.5

libxml2-2.9.1-6.amzn2.5.19

mtr-0.92-2.amzn2.0.2

nerdctl-2.1.3-1.amzn2.0.1

perl-Crypt-OpenSSL-RSA-0.28-7.amzn2.0.3

pixman-0.34.0-1.amzn2.0.3

python-pip-20.2.2-1.amzn2.0.12

ruby-2.0.0.648-36.amzn2.0.15

rust-1.86.0-1.amzn2.0.2

[AL2 Extras] Docker Updated Packages

This section provides details about [al2 extras] docker updated packages.

runfinch-finch-1.10.0-1.amzn2.0.1

soci-snapshotter-0.11.1-1.amzn2.0.1

[AL2 Extras] Kernel-5.10 Updated Packages

This section provides details about [al2 extras] kernel-5.10 updated packages.

kernel-5.10.239-236.958.amzn2

[AL2 Extras] Kernel-5.15 Updated Packages

This section provides details about [al2 extras] kernel-5.15 updated packages.

kernel-5.15.187-130.192.amzn2

[AL2 Extras] Livepatch New Packages

This section provides details about [al2 extras] livepatch new packages.

kernel-livepatch-5.10.236-227.928-1.0-2.amzn2

kernel-livepatch-5.10.236-228.935-1.0-2.amzn2

kernel-livepatch-5.10.237-230.948-1.0-1.amzn2

kernel-livepatch-5.10.237-230.949-1.0-1.amzn2

[AL2 Extras] Mate-desktop1.x Updated Packages

This section provides details about [al2 extras] mate-desktop1.x updated packages.

djvulibre-3.5.27-30.amzn2.0.4

Image Updates

Default Kernel-5.10 AMI

This section provides details about default kernel-5.10 ami.

aws-cfn-bootstrap-2.0-35.amzn2

kernel-tools-5.10.239-236.958.amzn2