Article ID: 127882, created on Dec 25, 2015, last review on Dec 28, 2015

  • Applies to:
  • Virtuozzo hypervisor

Issue date: 2015-12-25

1. What's Included in This Update

This update includes a new Parallels Server Bare Metal 5.0 kernel (2.6.32-042stab113.11) based on the Red Hat Enterprise Linux 6.7 kernel (2.6.32-573.8.1.el6). The new kernel is a rebase to a new Red Hat Enterprise Linux kernel and inherits all stability fixes from it. Additionally, the new kernel contains a number of security fixes from RHEL kernel 2.6.32-573.12.1.el6 as well as a number of internal security and stability fixes.

2. Bug Fixes

  • Unauthorized access to IPC objects with SysV shm and msg. (CVE-2015-7613)
  • Updated fix for keyrings crash triggerable by unprivileged user. (CVE-2015-7872)
  • Crash in cgroup_release_agent() after container stop. (PSBM-34262)
  • Unix socket was restored incorrectly after container resume. (PSBM-39774)
  • Kernel panic when online-migrating a container with an active conntrack expectation from Virtuozzo Containers for Linux 4.6 (RHEL5) to RHEL6-based kernels. (PSBM-40287)
  • WARNING in tty_ldisc_open(). (PSBM-41622)
  • ip6_dst_cache entries should be charged inside container. (PSBM-42323)
  • Introduced a per-container limit for IPv4 network interface aliases. (PSBM-42403)
  • Improvements to memory reclaimer. (PSBM-40406)
  • Crash on start of containers with the hidden PIDs feature enabled (kernel.pid_ns_hide_child=1). (OVZ-6568)
  • Improvements to Docker operation inside containers.
  • Minor memory leak fixes and performance optimizations.

3. Obtaining the Update

You can download and install the update using the vzup2date utility included in the Parallels Server Bare Metal 5.0 distribution.

4. References

Copyright (c) 1999-2015 Parallels IP Holdings GmbH and its affiliates. All rights reserved.

Search Words




a26b38f94253cdfbf1028d72cf3a498b 2897d76d56d2010f4e3a28f864d69223

Email subscription for changes to this article
Save as PDF