AWS Security ChangesHomeSearch

AWS systems-manager documentation change

Service: systems-manager · 2026-03-28 · Documentation low

File: systems-manager/latest/userguide/patch-manager-linux-rules.md

Summary

Updated documentation to clarify that when updateinfo.xml is not found, patch installation depends on 'Include non-security updates' and 'Auto-approval' settings rather than no patches being applied

Security assessment

This change clarifies existing behavior about patch installation when updateinfo.xml is unavailable. It explains that non-security updates may still be installed based on configuration settings, but does not indicate any security vulnerability, incident, or weakness being addressed. The change provides operational clarification rather than addressing a security issue.

Diff

diff --git a/systems-manager/latest/userguide/patch-manager-linux-rules.md b/systems-manager/latest/userguide/patch-manager-linux-rules.md
index 2e3d6a7ec..055c7e54e 100644
--- a//systems-manager/latest/userguide/patch-manager-linux-rules.md
+++ b//systems-manager/latest/userguide/patch-manager-linux-rules.md
@@ -266 +266 @@ On AlmaLinux, Red Hat Enterprise Linux (RHEL), and Rocky Linux, the patch select
-The `updateinfo.xml` file might not be available if the repo isn't one managed by Red Hat. If there is no `updateinfo.xml` found, no patch will be applied.
+The `updateinfo.xml` file might not be available if the repo isn't one managed by Red Hat. If there is no `updateinfo.xml` found, whether patches are installed depend on settings for **Include non-security updates** and **Auto-approval**. For example, if non-security updates are permitted, they're installed when the auto-approval time arrives.