Issue
AWS security advisory https://alas.aws.amazon.com/AL2/ALAS-2021-1674.html is causing my security scan to fail. The advice is to yum update httpd
to install httpd-2.4.48-2.amzn2.x86_64. However when I do this AWS yum repo only has an old version of this package (httpd-2.4.46-2.amzn2.x86_64).
yum update httpd
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
No packages marked for update
yum install httpd
Loaded plugins: extras_suggestions, kernel-livepatch, langpacks, priorities, update-motd
amzn2-core | 3.7 kB 00:00:00
Package httpd-2.4.46-2.amzn2.x86_64 already installed and latest version
Nothing to do
This is a brand new unmodified AWS linux 2 instance. I have tried everything I could find online (making sure I can access yum repo and clearing cache)
Can anyone else using amazon linux 2 see this new package? (2.4.48) or even better have any suggestions how to proceed?
Solution
Worked it out - AWS Elastic Beanstalk in all their wisdom append a "-$guid" to the YUM repo list on an instance, which must be stuck in their CDN as was returning an out of date package list. I have resolved via:
sed 's/-$guid//g' /etc/yum.repos.d/amzn2-core.repo -i
Answered By - Phil Peters