Article ID: 113568, created on Mar 28, 2012, last review on Apr 25, 2014

  • Applies to:
  • Virtuozzo containers for Linux 4.7
--------------------------------------------------------------------------------
Synopsis:          New Parallels Virtuozzo Containers 4.7 kernel provides
                   an update with security and stability fixes.
Issue date:        03-28-2012
Product:           Parallels Virtuozzo Containers 4.7
Keywords:          "bugfix" "stability" "security"

--------------------------------------------------------------------------------

This document provides information on the new Parallels Virtuozzo Containers (PVC) 4.7 kernel,
version 2.6.32-042stab053.5.

--------------------------------------------------------------------------------
TABLE OF CONTENTS

1. About This Release
2. Updates Description
3. Obtaining New Kernel
4. Installing New Kernel
5. Required RPMs
6. References

--------------------------------------------------------------------------------

1. ABOUT THIS RELEASE

The current update for the PVC 4.7 kernel provides a new
kernel based on the Red Hat 6.2 kernel (2.6.32-220.7.1.el6). The updated
kernel includes a number of security and stability fixes.

--------------------------------------------------------------------------------

2. UPDATES DESCRIPTION

This update contains fixes for the following issues:

* Online migration could fail during the stage of restoring a huge page on the
  destination Node. (PCLIN-30682)

* Transparent hugepages support has been disabled by default. (PSBM-11811)
  If necessary, you can enable it by running this command:
  # echo always > /sys/kernel/mm/redhat_transparent_hugepage/enabled

* Attempt to enter a Container running Red Hat Enterprise Linux 5 could fail due
  to the absence of kernel support for legacy pseudo-terminals. (OVZ# 1995)

* When stopping a Container, a kernel crash could occur if the Container used
  the ip_conntrack functionality. (OVZ 2175)

* Several enhancements have been made to the memory reclaimer code to
  prevent possible Node hang-ups in low-memory situations.

* A process making a lot of write requests (e.g., the "dd" utility run with a
  small block size) could start consuming 100% of the CPU time on the Node. This
  could also dramatically decrease disk performance. (PSBM-11755)

* Online migration of a Container containing bindmounted files could fail.
  In particular, bindmounted files are used by modern versions of the "named"
  service. (PCLIN-30771)

--------------------------------------------------------------------------------

3. OBTAINING NEW KERNEL

You can download and install this kernel update using the vzup2date utility
included in the Parallels Virtuozzo Containers 4.7 distribution set.

--------------------------------------------------------------------------------

4. INSTALLING NEW KERNEL

To install the update, do the following:

I. Use the "rpm -ihv" command to install the new kernel and PVC modules.

# rpm -ivh vzkernel-2.6.32-042stab053.5.i686.rpm \
vzmodules-2.6.32-042stab053.5.i686.rpm
Preparing...                ################################# [100%]
    1:vzkernel               ################################# [50%]
    2:vzmodules              ################################# [100%]

    Please DO NOT USE the "rpm -Uhv" command to install the kernel. Otherwise,
    all of the kernels that were previously installed on your system may be removed from
    the Hardware Node.

II. You can adjust your boot loader configuration file to have the new kernel
    loaded by default. If you use the LILO bootloader, do not forget to
    execute the "lilo" command to write the changes to the boot sector:

     # lilo
     Added Virtuozzo2 *
     Added Virtuozzo1
     Added linux
     Added linux-up

III. Reboot your computer with the "shutdown -r now" command to boot the new
     kernel.

--------------------------------------------------------------------------------

5. REQUIRED RPMS

Depending on the processor installed on the Hardware Node, the following RPM
packages are included in the kernel update:

x86 kernels:

- SMP:
   vzkernel-2.6.32-042stab053.5.i686.rpm
   vzmodules-2.6.32-042stab053.5.i686.rpm

- Enterprise:
   vzkernel-ent-2.6.32-042stab053.5.i686.rpm
   vzmodules-ent-2.6.32-042stab053.5.i686.rpm

- Enterprise with the 4GB split feature disabled:
   vzkernel-PAE-2.6.32-042stab053.5.i686.rpm
   vzmodules-PAE-2.6.32-042stab053.5.i686.rpm


x86_64 kernels:

- SMP:
   vzkernel-2.6.32-042stab053.5.x86_64.rpm
   vzmodules-2.6.32-042stab053.5.x86_64.rpm

--------------------------------------------------------------------------------

6. REFERENCES

https://rhn.redhat.com/errata/RHBA-2012-0124.html

https://rhn.redhat.com/errata/RHSA-2012-0350.html
https://www.redhat.com/security/data/cve/CVE-2011-4077.html
https://www.redhat.com/security/data/cve/CVE-2011-4081.html
https://www.redhat.com/security/data/cve/CVE-2011-4132.html
https://www.redhat.com/security/data/cve/CVE-2011-4347.html
https://www.redhat.com/security/data/cve/CVE-2011-4594.html
https://www.redhat.com/security/data/cve/CVE-2011-4611.html
https://www.redhat.com/security/data/cve/CVE-2011-4622.html
https://www.redhat.com/security/data/cve/CVE-2012-0038.html
https://www.redhat.com/security/data/cve/CVE-2012-0045.html
https://www.redhat.com/security/data/cve/CVE-2012-0207.html

--------------------------------------------------------------------------------
Copyright (c) 1999-2012 Parallels Holdings, Ltd. and its affiliates. All rights
reserved.

0c05f0c76fec3dd785e9feafce1099a9 d02f9caf3e11b191a38179103495106f e8e50b42231236b82df27684e7ec0beb 2897d76d56d2010f4e3a28f864d69223

Email subscription for changes to this article
Save as PDF