AWS Security ChangesHomeSearch

AWS linux documentation change

Service: linux · 2026-04-13 · Documentation medium

File: linux/al2023/release-notes/relnotes-2023.11.20260406.md

Summary

Added notable updates section announcing signed repository metadata in AL2023 with opt-in verification capability.

Security assessment

This change documents a security feature (repository metadata signing) that enhances package integrity verification, but it is presented as a new feature or update without concrete evidence of fixing a security vulnerability.

Diff

diff --git a/linux/al2023/release-notes/relnotes-2023.11.20260406.md b/linux/al2023/release-notes/relnotes-2023.11.20260406.md
index c6205ac3b..df6034957 100644
--- a//linux/al2023/release-notes/relnotes-2023.11.20260406.md
+++ b//linux/al2023/release-notes/relnotes-2023.11.20260406.md
@@ -52,0 +53,7 @@ This release represents an update to the 11th quarterly release of AL2023. AL202
+###### Notable updates
+
+  * AL2023 repositories now include signed repository metadata. Customers can opt-in to verification by setting `repo_gpgcheck=1`. For more information, see [Repository metadata signing in AL2023](https://docs.aws.amazon.com/linux/al2023/ug/repo-metadata-signing.html).
+
+
+
+