Issue date: 2015-03-31
1. What's Included in This Update
This update includes a new Virtuozzo Containers for Linux 4.7 kernel (2.6.32-042stab106.4) based on the Red Hat Enterprise Linux 6.6 kernel (2.6.32-504.12.2.el6). The new kernel introduces stability and security fixes.
2. Bug Fixes
The CAP_SYS_ADMIN capability is now required to access
/proc/PID/pagemapthat exposes sensitive information which can be used for rowhammer-like attacks (CVE-2015-0565).
NOTE: Processes inside a Container can only gain CAP_SYS_ADMIN if it is deliberately provided to the Container by the Hardware Node administrator. (#PSBM-32308)
- Online migration of CentOS 4 or RHEL4 based Containers could fail in case the source Hardware Node ran 2.6.32-042stab104.x or 2.6.32-042stab105.x kernels. (#PSBM-32452)
3. Obtaining the Update
You can download and install the update using the vzup2date utility included in the Virtuozzo Containers for Linux 4.7 distribution set.
Copyright (c) 1999-2015 Parallels IP Holdings GmbH and its affiliates. All rights reserved.