AWS-2019-002

February 13, 2019 9:00 PM PST CVE Identifier: CVE-2019-5736 AWS is aware of the recently disclosed security issue which affects several open-source container management systems (CVE-2019-5736). With the exception of the AWS services listed below, no customer action is required to address this issue. Amazon Linux An updated version of Docker (docker-18.06.1ce-7.amzn2) is available for Amazon Linux 2 extras repositories and Amazon Linux AMI 2018.03 repositories ( ALAS-2019-1156 ). AWS recommends that customers using Docker in Amazon Linux launch new instances from the latest AMI version. Further information is available in the Amazon Linux Security Center . Amazon Elastic Container Service (Amazon ECS) Amazon ECS Optimized AMIs, including the Amazon Linux AMI , the Amazon Linux 2 AMI , and the GPU-Optimized AMI , are available now. As a general security best practice, we recommend that ECS customers update their configurations to launch new container instances from the latest AMI version. Customers should replace existing container instances with the new AMI version to address the issue described above. Instructions to replace existing container instances can be found in the ECS docu…