AWS res high security documentation change
Summary
Added June 2026 release notes documenting security vulnerability fixes, enhancements, and bug fixes
Security assessment
Explicitly documents two security fixes: 1) Arbitrary file read vulnerability via symlink handling exploit 2) Linux kernel privilege escalation vulnerability in AMIs. These are concrete security vulnerabilities addressed in the release.
Diff
diff --git a/res/latest/ug/revisions.md b/res/latest/ug/revisions.md index 6c83b1cf9..f7d6e8089 100644 --- a//res/latest/ug/revisions.md +++ b//res/latest/ug/revisions.md @@ -12,0 +13,18 @@ Date | Change +June 2026 | + + * Release version 2026.06 Security fixes + * Fixed a security vulnerability where an authenticated user could exploit symlink handling in the File System API on the cluster manager host to read arbitrary files. +Enhancements + * Replaced DCV broker infrastructure host with serverless Lambda-based session management, reducing infrastructure overhead and improving scalability. + * Included QUIC, default schedule, and other cluster settings in snapshot restore functionality. +Changes + * Continued migration of VDC-related APIs from the VDC infra host to the backend Lambda. +Bug fixes + * Fixed "Create Software Stack from Session" workflow failing due to stale AD credentials, missing IAM permissions, and incompatible EC2Launch version on Windows. + * Fixed Ubuntu VDI login failure caused by SSSD configuration parsing error with special characters in home directory paths. + * Fixed list project owners and members in the user drop-down when sharing a Virtual Desktop. + * Fixed VDI login failures on RHEL8, RHEL9, Ubuntu 22.04, and Ubuntu 24.04 caused by amazon-efs-utils build incompatibility preventing EFS /home directory mounting. + * Fixed IAM policies not appearing in "add policies" dropdown when account has more than 1000 policies. + * Updated default AMIs across all supported OS types and regions, resolving Linux kernel local privilege escalation vulnerability. + +