Recommended update for amazon-ssm-agent

Announcement ID: SUSE-RU-2020:1406-1
Rating: moderate
References:
Affected Products:
  • Public Cloud Module 12
  • SUSE Linux Enterprise High Performance Computing 12 SP2
  • SUSE Linux Enterprise High Performance Computing 12 SP3
  • SUSE Linux Enterprise High Performance Computing 12 SP4
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise Server 12
  • SUSE Linux Enterprise Server 12 SP1
  • SUSE Linux Enterprise Server 12 SP2
  • SUSE Linux Enterprise Server 12 SP3
  • SUSE Linux Enterprise Server 12 SP4
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 12
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that has one fix can now be installed.

Description:

This update for amazon-ssm-agent fixes the following issues:

  • Update to 2.3.978.0 (2020-04-08) (bsc#1170744)
  • Stop pty on receiving TerminateSession request
  • Add support for Debian arm64 architecture
  • Refactoring session log generation logic
  • Update to 2.3.930.0 (2020-03-17)
  • Bug fix for CloudWatch agent version showing twice in Inventory console
  • Bug fix for retrieving minor version for CentOS7
  • Add snap appData collection for inventory in ubuntu 18
  • Add validation for contents of os release files
  • Add retry for fingerprint generation
  • Update to 2.3.871.0 (2020-02-20)
  • Various bug fix for SSM Agent
  • Update to 2.3.842.0 (2020-01-29)
  • Bug fix for updating document state file prior agent reboot
  • Add support to restart agent after SIGPIPE exit status
  • Update to 2.3.814.0 (2020-01-16)
  • Bug fix for metadata service V2
  • Update Golang version 1.12 for travis
  • Optimize session manager retry logic
  • Update to 2.3.786.0 (2019-12-19)
  • Add support for Oracle Linux v7.5 and v7.7
  • Bug fix for Inventory data provider to support special characters
  • Bug fix for SSM MDS service name
  • Update to 2.3.772.0 (2019-12-13)
  • Upgrade AWS SDK
  • Add logging for fingerprint generation
  • Update to 2.3.760.0 (2019-11-15)
  • Session manager supports handling of Task metadata
  • Update to 2.3.758.0 (2019-11-11)
  • Add support to update SSM Distributor packages in place
  • Update to 2.3.756.0 (2019-11-05)
  • Terminate port forwarding session on receiving TerminateSession flag
  • Bug fix to reload SSM client if region has not been initialize correctly
  • Bug fix for retrieval of user groups on Linux
  • Update to 2.3.722.0 (2019-10-11)
  • Bug fix for the delay when registering non-EC2 on-prem instances
  • Bug fix for missing ACL when uploading logs to S3 buckets
  • Upgrade GoLang version from 1.9 to 1.12
  • Update to 2.3.714.0 (2019-09-26)
  • For port forwarding session, close server connection when client drops it's connection
  • Bug fix for missing condition of rules from inventory registry
  • Update service domain information fetch logic from EC2 Metadata
  • Update to 2.3.707.0 (2019-09-11)
  • Bug fix for characters dropping from session manager shell output
  • Bug fix for session manager freezing caused by non utf8 character
  • Switch the request protocol order for getting S3 Header
  • Keep port forwarding session open until session is terminated
  • Update to 2.3.701.0 (2019-08-21)
  • Send platform type information in controlChannel input
  • Update to 2.3.687.0 (2019-08-05)
  • Bug fix for runPowershellScript plugin on linux platform
  • Add support for document 2.x version to ssm-cli
  • Update to 2.3.680.0 (2019-07-24)
  • Added a new Inventory gatherer AWS:BillingInfo which will gather the billing product ids for LicenseIncluded and Marketplace instance
  • Update to 2.3.672.0 (2019-07-09)
  • Add Port plugin for SSH/SCP
  • Add support for Session Manager RunAs functionality on Linux platform
  • Update to 2.3.668.0 (2019-07-01)
  • Add Session Manager InteractiveCommands plugin
  • Bug fix for log formatting issue for session manager
  • Update to 2.3.662.0 (2019-06-19)
  • Bug fix for Session Manager when handling line endings on Windows platform
  • Bug fix for token validation for aws:downloadContent plugin
  • Check if log group exists before uploading Session Manager logs to CloudWatch
  • Bug fix for broken S3 urls when using custom documents
  • Update to 2.3.634.0 (2019-05-28)
  • Disable appconfig to load credential from specific profile path, add EC2 credentials as the default fallback
  • Remove sudoers file creation logic if ssm-user already exists
  • Enable supplementary groups for ssm-user on Linux
  • Update to 2.3.612.0 (2019-05-08)
  • Bug fix for UTF-8 encoded issue caused by locale activation on Ubuntu 16.04 instance
  • Refactor ssm-user creation logic
  • Bug fix for reporting IP address with wrong network interface
  • Update configure package document arn pattern
  • Update to 2.3.542.0 (2019-04-18)
  • Bug fix for on-premises instance registration in CN region
  • Update to 2.3.539.0 (2019-04-04)
  • Add support for further encryption of session data using AWS KMS
  • Bug fix for excessive instance-id fetching by document workers
  • Update to 2.3.479.0 (2019-03-06)
  • Bug fix for downloading content failure caused by wrong S3 endpoint
  • Bug fix for reboot failure caused by session manager panic
  • Bug fix for session manager shell output dropping character
  • Bug fix for mgs endpoint configuration consistency
  • Update to 2.3.444.0 (2019-02-10)
  • Updates to UpdateInstanceInformation call, Windows initialization
  • Update to 2.3.415.0 (2019-01-25)
  • Bug fix addressing issues in Distributor package upgrade
  • Update to 2.3.372.0 (2019-01-08)
  • Bug fix to allow installation of Distributor packages that do not have a version name.
  • Bug fix for agent crash with message "WaitGroup is reused before previous Wait has returned".
  • Update to 2.3.344.0 (2018-12-14)
  • Add frequent collector to detect changed inventory types and upload it to SSM service between two scheduled collections.
  • Change AWS Systems Manager Distributor to reduce calls to GetDocument by calling DescribeDocument.
  • Add exit code when ssm-cli execution fails.
  • Create ssm-user only after the control channel has been successfully created.
  • Update to 2.3.274.0 (2018-11-26)
  • Enabled AWS Systems Manager Distributor that lets you securely distribute and install software packages.
  • Add support for the arm64 architecture on Amazon Linux 2, Ubuntu 16.04/18.04, and RHEL 7.6 to support EC2 A1 instances.
  • Update to 2.3.235.0 (2018-10-23)
  • Bug fix for session manager logging on Windows
  • Bug fix for ConfigureCloudWatch plugin
  • Bug fix for update SSM agent occasionally failing due to SSM agent service stuck in starting state
  • Update to 2.3.193.0 (2018-10-23)
  • Bug fix for past sessions occasionally stuck in terminating state
  • Darwin masquerades as Linux to bypass OS validation on the backend until official support can be added
  • Update to 2.3.169.0 (2018-10-23)
  • Update managed instance role token more frequently
  • Update to 2.3.136.0 (2018-10-09)
  • Bug fix for issue that GatherInventory throw out error when there is no Windows Update in instance
  • Add more filters when getting the Windows event logs at startup to improve performance
  • Add random jitter before call PutInventory in inventory datauploader
  • Update to 2.3.117.0 (2018-10-02)
  • Bug fix for issues during process termination on instances where IAM policy does not grant ssmmessages permissions.
  • Update to 2.3.101.0 (2018-10-02)
  • Bug fix to prevent defunct processes when creating the local user ssm-user.
  • Bug fix for sudoersFile permission to avoid "sudo" command warnings in Session Manager.
  • Disable hibernation on Windows platform if Cloudwatch configuration is present.
  • Update to 2.3.68.0 (2018-09-17)
  • Enables the Session Manager capability that lets you manage your Amazon EC2 instance through an interactive one-click browser-based shell or through the AWS CLI.
  • Beginning this agent version, SSM Agent will create a local user "ssm-user" and either add it to /etc/sudoers (Linux) or to the Administrators group (Windows) every time the agent starts. The ssm-user is the default OS user when a Session Manager session is started, and the password for this user is reset on every session. You can change the permissions by moving the ssm-user to a less-privileged group or by changing the sudoers file. The ssm-user is not removed from the system when SSM Agent is uninstalled.
  • Add patch to remove unused import
  • Build-Depend on pkgconfig(systemd) instead of systemd
  • Allows OBS to depend on the -mini flavors
  • Refresh patches for new version

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • Public Cloud Module 12
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2020-1406=1

Package List:

  • Public Cloud Module 12 (aarch64 ppc64le s390x x86_64)
    • amazon-ssm-agent-2.3.978.0-4.21.1

References: