AWS systems-manager documentation change
Summary
Updated documentation to clarify that when updateinfo.xml is not found, patch installation depends on 'Include non-security updates' and 'Auto-approval' settings rather than no patches being applied
Security assessment
This change clarifies existing behavior about patch installation when updateinfo.xml is unavailable. It explains that non-security updates may still be installed based on configuration settings, but does not indicate any security vulnerability, incident, or weakness being addressed. The change provides operational clarification rather than addressing a security issue.
Diff
diff --git a/systems-manager/latest/userguide/patch-manager-linux-rules.md b/systems-manager/latest/userguide/patch-manager-linux-rules.md index 2e3d6a7ec..055c7e54e 100644 --- a//systems-manager/latest/userguide/patch-manager-linux-rules.md +++ b//systems-manager/latest/userguide/patch-manager-linux-rules.md @@ -266 +266 @@ On AlmaLinux, Red Hat Enterprise Linux (RHEL), and Rocky Linux, the patch select -The `updateinfo.xml` file might not be available if the repo isn't one managed by Red Hat. If there is no `updateinfo.xml` found, no patch will be applied. +The `updateinfo.xml` file might not be available if the repo isn't one managed by Red Hat. If there is no `updateinfo.xml` found, whether patches are installed depend on settings for **Include non-security updates** and **Auto-approval**. For example, if non-security updates are permitted, they're installed when the auto-approval time arrives.