The security adivsory here https://alas.aws.amazon.com/AL2/ALAS-2022-1802.html indicates that the AL2 Python package has been patched and an update is available (in python-2.7.18-1.amzn2.0.5.aarch64). The adisory directs:
Issue Correction:
Run yum update python to update your system.
However, executing yum update python does not update the package - no update to the package is found. Why is the package update not applied?
[ec2-user@ip-redacted ~]$ yum info python
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
207 packages excluded due to repository priority protections
Installed Packages
Name : python
Arch : aarch64
Version : 2.7.18
Release : 1.amzn2.0.4
Size : 139 k
Repo : installed
Summary : An interpreted, interactive, object-oriented programming language
URL : http://www.python.org/
License : Python
Description : Python is an interpreted, interactive, object-oriented programming
: language often compared to Tcl, Perl, Scheme or Java. Python includes
: modules, classes, exceptions, very high level dynamic data types and
: dynamic typing. Python supports interfaces to many system calls and
: libraries, as well as to various windowing systems (X11, Motif, Tk,
: Mac and MFC).
:
: Programmers can write new built-in modules for Python in C or C++.
: Python can be used as an extension language for applications that need
: a programmable interface.
:
: Note that documentation for Python is provided in the python-docs
: package.
:
: This package provides the "python" executable; most of the actual
: implementation is within the "python-libs" package.
[ec2-user@ip-redacted ~]$ sudo yum update python
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
amzn2-core | 3.7 kB 00:00:00
207 packages excluded due to repository priority protections
No packages marked for update
[ec2-user@ip-redacted ~]$