Re: [Users] X86_BUG_CPU_INSECURE

Tue, 09 Jan 2018 10:58:55 -0800 

Does this concern "free/not-licenced" virtuozzo 7 ?
I don't beneficiate of "ready-kernel" in that case, did you issued an exeptionnal out of cycle (3 mouths) updates ? 

here's my situation that is not clear :

# cat /etc/redhat-release
Virtuozzo Linux release 7.4

# uname -a

Linux myserver.domain.fr 3.10.0-693.1.1.vz7.37.30 #1 SMP Wed Nov 15 
20:42:09 MSK 2017 x86_64 x86_64 x86_64 GNU/Linux



when I issued a yum update I got  kmod  packages , are these a meltdown 
& spectre patches ?

Mise à jour :

 kmod                    x86_64 20-15.vl7.6               
virtuozzolinux-base               120 k
 kmod-libs               x86_64 20-15.vl7.6               
virtuozzolinux-base                50 k


not sure regarding changelogs dates :

# rpm -q --changelog kmod-20-15.vl7.6.x86_64 | more
* jeu. nov. 16 2017 Yauheni Kaliuta <ykali...@redhat.com> - 20-15.el7_4.6
- Backport external directories support.
  Related: rhbz#1511943.
...

thanks for your precisions .

regards .


Le 09/01/2018 à 10:22, Vasily Averin a écrit :

OpenVZ7 update was released.

It includes new kenrel, criu, qemu-kvm and libvirt.

https://download.openvz.org/virtuozzo/releases/openvz-7.0.6-509/
https://download.openvz.org/virtuozzo/releases/7.0/x86_64/os/repoview/

Thank you,
        Vasily Averin

On 2018-01-06 14:40, Vasily Averin wrote:

We have released fixed RHEL6-based kernel,
please update your nodes to 2.6.32-042stab127.2 kernel

Thank you,
        Vasily Averin

On 2018-01-04 06:03, Alex Kobets wrote:

Hi,


Virtuozzo will release the kernel with fix asap.

We have it under testing right now


Thank you,

Alex

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* users-boun...@openvz.org <users-boun...@openvz.org> on behalf of Hristo Benev 
<f...@abv.bg>
*Sent:* Wednesday, January 3, 2018 6:39:10 PM
*To:* zoo...@gmail.com; OpenVZ users
*Subject:* Re: [Users] X86_BUG_CPU_INSECURE

  

-------- Оригинално писмо --------
От: Benjamin Henrion zoo...@gmail.com
Относно: [Users] X86_BUG_CPU_INSECURE
До: "OpenVZ users list. This is THE list you need." <users@openvz.org>
Изпратено на: 03.01.2018 03:02



Hi,

Just reading this:

https://amp.reddit.com/r/sysadmin/comments/7nl8r0/intel_bug_incoming/

Xen seems to have a pending patch to be release this week, but people
are speculating now that you could bypass the entire isolation process
provided by any hypervisor.

Wait and see how this will be exploited, but you can be sure there
will be exploits soon in the wild.

The patch for software mitigation seems to be big and performance impacting.

But that would probably mean that containers can be bypassed.

Wait and see,

--
Benjamin Henrion (zoobab)
Email: zoobab at gmail.com
Mobile: +32-484-566109
Web: http://www.zoobab.com
FFII.org Brussels
"In July 2005, after several failed attempts to legalise software
patents in Europe, the patent establishment changed its strategy.
Instead of explicitly seeking to sanction the patentability of
software, they are now seeking to create a central European patent
court, which would establish and enforce patentability rules in their
favor, without any possibility of correction by competing courts or
democratically elected legislators."
_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users


https://spectreattack.com

States that OpenVZ might be affected.
_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users


_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users


_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users


_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users





_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users























					Reply via email to