Article ID: 127881, created on Dec 25, 2015, last review on Dec 28, 2015

  • Applies to:
  • Virtuozzo containers for Linux 4.7

Issue date: 2015-12-25

1. What's Included in This Update

This update includes a new Parallels Virtuozzo Containers for Linux 4.7 kernel (2.6.32-042stab113.11) based on the Red Hat Enterprise Linux 6.7 kernel (2.6.32-573.8.1.el6). The new kernel is a rebase to a new Red Hat Enterprise Linux kernel and inherits all stability fixes from it. Additionally, the new kernel contains a number of security fixes from RHEL kernel 2.6.32-573.12.1.el6 as well as a number of internal security and stability fixes.

2. Bug Fixes

  • Unauthorized access to IPC objects with SysV shm and msg. (CVE-2015-7613)
  • Updated fix for keyrings crash triggerable by unprivileged user. (CVE-2015-7872)
  • Crash in cgroup_release_agent() after container stop. (PSBM-34262)
  • Unix socket was restored incorrectly after container resume. (PSBM-39774)
  • Kernel panic when online-migrating a container with an active conntrack expectation from Virtuozzo Containers for Linux 4.6 (RHEL5) to RHEL6-based kernels. (PSBM-40287)
  • WARNING in tty_ldisc_open(). (PSBM-41622)
  • ip6_dst_cache entries should be charged inside container. (PSBM-42323)
  • Introduced a per-container limit for IPv4 network interface aliases. (PSBM-42403)
  • Improvements to memory reclaimer. (PSBM-40406)
  • Crash on start of containers with the hidden PIDs feature enabled (kernel.pid_ns_hide_child=1). (OVZ-6568)
  • Improvements to Docker operation inside containers.
  • Minor memory leak fixes and performance optimizations.

3. Obtaining the Update

You can download and install the update using the vzup2date utility included in the Parallels Virtuozzo Containers for Linux 4.7 distribution.

4. References

Copyright (c) 1999-2015 Parallels IP Holdings GmbH and its affiliates. All rights reserved.

Search Words




d02f9caf3e11b191a38179103495106f 2897d76d56d2010f4e3a28f864d69223 e8e50b42231236b82df27684e7ec0beb 0c05f0c76fec3dd785e9feafce1099a9

Email subscription for changes to this article
Save as PDF