Tuesday, January 4, 2022

[SOLVED] amazon linux 2 yum missing update (AWS Security Center)

Issue

AWS security advisory https://alas.aws.amazon.com/AL2/ALAS-2021-1674.html is causing my security scan to fail. The advice is to yum update httpd to install httpd-2.4.48-2.amzn2.x86_64. However when I do this AWS yum repo only has an old version of this package (httpd-2.4.46-2.amzn2.x86_64).

yum update httpd
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
No packages marked for update


yum install httpd
Loaded plugins: extras_suggestions, kernel-livepatch, langpacks, priorities, update-motd
amzn2-core                                                                                                                                                                           | 3.7 kB  00:00:00     
Package httpd-2.4.46-2.amzn2.x86_64 already installed and latest version
Nothing to do

This is a brand new unmodified AWS linux 2 instance. I have tried everything I could find online (making sure I can access yum repo and clearing cache)

Can anyone else using amazon linux 2 see this new package? (2.4.48) or even better have any suggestions how to proceed?


Solution

Worked it out - AWS Elastic Beanstalk in all their wisdom append a "-$guid" to the YUM repo list on an instance, which must be stuck in their CDN as was returning an out of date package list. I have resolved via:

sed 's/-$guid//g' /etc/yum.repos.d/amzn2-core.repo -i


Answered By - Phil Peters