Hello,
We have a custom AMI baked from Amazon Linux 2 and we have been trying to update packages on the instances that are running this AMI. We found that, for example, the python package is currently at 2.7.18-1.amzn2.0.2 whereas 2.7.18-1.amzn2.0.4 is the latest available according to documentation. However, we cannot get yum to update python to version 2.7.18-1.amzn2.0.4
When running yum update python we see "No packages marked for update".
We have also been trying to update the packages through AWS Systems Manager - Patch Manager but the python package does not get updated after performing a Scan and Install. We have also created a custom patch baseline including all available patches, but the package was not updated with this either.
This is despite us finding CVEs related to the python package that we expected would require an update from the current version 2.7.18-1.amzn2.0.2. Examples: https://alas.aws.amazon.com/AL2/ALAS-2021-1611.html and https://alas.aws.amazon.com/AL2/ALAS-2021-1669.html
How do we allow instances running our AMI to update to the latest versions of packages? And why are these updates not been captured by the patch baseline?
Thanks and regards.
AWS 官方已更新 10 个月前