CloudLinux OS Blog - KuberDock product launch and special intro pricing announced
CloudLinux OS Blog

KuberDock product launch and special intro pricing announced

KuberDock product launch and special intro pricing announced

New patches provide a fix for PSBM-27792 for all VZ kernels, as well as well as PSBM-28403 for 2.6.32-042stab092.1 to 2.6.32-042stab092.3 kernels. It brings all the kernels in line with the latest vzkernel-2.6.32-042stab083.4 kernel
CentOS/RHEL/CL 6 systems are patched against CVE-2014-2706.
Additionally, we are starting to display effective kernel number with a '+' at the end, to designate that the kernel was patched beyond latest stable kernel.

Systems with AUTO_UPDATE=True (DEFAULT) in /etc/sysconfig/kcare/kcare.conf will automatically update, and no action is needed for them.

You can manually update the server by running:
# /usr/bin/kcarectl --update

CVEs: CVE-2014-2706

Details:

  • CVE-2014-2706 mac80211: fix AP powersave TX vs. wakeup race
    A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system.
  • PSBM-27792, #2644 - ve/net/netfilter/ipset: prohibit ipset from the inside CT
    fixes netfilter Denial of service vulnerability in isset netfilter module
  • PSBM-28403, #3035 sched: fix output of vestat:idle
    /proc/vz/vestat IDLE cpu usage information was not virtualized, providing information for the whole hardware node, instead of individual container
Beta: MySQL Governor updated
Beta: New CloudLinux 6 and Hybrid kernel released