Package updates are available for Amazon Linux 2 that fix the following vulnerabilities: CVE-2026-2604: The Evolution backend server exposes the D-Bus service org.gnome.evolution.dataserver.AddressBook, that can be used in order to manage contacts. A Flatpak application with access to this D-Bus service can exploit this issue in order to gain arbitrary file deletion on the host filesystem.
3.28.5-4.amzn2.0.23.28.5-4.amzn2.0.23.28.5-4.amzn2.0.23.28.5-4.amzn2.0.23.28.5-4.amzn2.0.23.28.5-4.amzn2.0.23.28.5-4.amzn2.0.2