AWS linux documentation change
Summary
Added notable updates section announcing signed repository metadata in AL2023 with opt-in verification capability.
Security assessment
This change documents a security feature (repository metadata signing) that enhances package integrity verification, but it is presented as a new feature or update without concrete evidence of fixing a security vulnerability.
Diff
diff --git a/linux/al2023/release-notes/relnotes-2023.11.20260406.md b/linux/al2023/release-notes/relnotes-2023.11.20260406.md index c6205ac3b..df6034957 100644 --- a//linux/al2023/release-notes/relnotes-2023.11.20260406.md +++ b//linux/al2023/release-notes/relnotes-2023.11.20260406.md @@ -52,0 +53,7 @@ This release represents an update to the 11th quarterly release of AL2023. AL202 +###### Notable updates + + * AL2023 repositories now include signed repository metadata. Customers can opt-in to verification by setting `repo_gpgcheck=1`. For more information, see [Repository metadata signing in AL2023](https://docs.aws.amazon.com/linux/al2023/ug/repo-metadata-signing.html). + + + +