Difference between revisions of "News/updates"

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search
(042stab114.5)
(042stab115.2)
Line 22: Line 22:
 
<startFeed />
 
<startFeed />
 
<!-- *DO NOT REMOVE THIS LINE* new news should go here -->
 
<!-- *DO NOT REMOVE THIS LINE* new news should go here -->
 +
 +
== Kernel RHEL6 testing 042stab115.2 ==
 +
 +
Since {{kernel link|rhel6-testing|042stab115.2}}:
 +
 +
* Rebase to RHEL6u8 beta kernel 2.6.32-621.el6
 +
 +
{{Download link|kernel/rhel6-testing/042stab115.2}}
 +
 +
--[[User:Sergey Bronnikov|SergeyB]] ([[User talk:Sergey Bronnikov|talk]]) 08:33, 6 April 2016 (EDT)
  
 
== Kernel RHEL6 042stab114.5 ==
 
== Kernel RHEL6 042stab114.5 ==

Revision as of 12:33, 6 April 2016


Kernel RHEL6 testing 042stab115.2

Since 042stab115.2:

  • Rebase to RHEL6u8 beta kernel 2.6.32-621.el6

[ Change log/downloads... ]

--SergeyB (talk) 08:33, 6 April 2016 (EDT)

Kernel RHEL6 042stab114.5

Since 042stab113.21:

  • CVE-2016-3156: ipv4: Don't do expensive useless work during inetdev destroy. PSBM-42403)
 issue was workarounded in 042stab113.11 kernel by adding per-container limit on using of ipv4 addresses
 here old workaround is replaced by fix backported from mainline linux kernel.
  • fix for kernel BUG at block/cfq-iosched.c:2806 (OVZ-6651)
  • fix for kernel crash inside pick_next_task_fair() (PSBM-44475)
  • write to CIFS share hangs (OVZ-6642)
  • ub memcg: fake use_hierarhy file is required for KVM's libvirtd (OVZ-6660)
  • some internal fixes

[ Change log/downloads... ]

--SergeyB (talk) 08:10, 30 March 2016 (EDT)

Virtuozzo 7 Beta

This Virtuozzo 7.0 Beta offers the following major improvements:

  • Unified management of containers and KVM virtual machines with the prlctl tool and SDK. You get a single universal toolset for all CT/VM management needs.
  • Autoballooning and kernel same-page merging that allows overcommitting memory resources in the smartest way possible with an insignificant impact on customer workloads.
  • Memory hotplugging for containers and VMs that allows both increasing and reducing CT/VM memory size on the fly, without the need to reboot. Your customers can now scale their workloads without any downtime. This feature also enables you to make PAYG offerings, allowing customers to change VM resources depending on workload and potentially pay less.
  • Memory guarantees for both containers and virtual machines.
  • Ability to manage containers and VMs with libvirt and virt-manager. If you used to manage VMs with libvirt, you can do it in Virtuozzo in absolutely the same way.
  • Guest tools for Windows and Linux VMs.

Download

--SergeyB (talk) 05:53, 29 March 2016 (EDT)

Kernel RHEL6 042stab113.21

  • IPv6 link-local address was being assigned to slave interfaces in bonding which resulted in DAD and network routing issues. (PSBM-42433)
  • kswap activity needed to be restricted in case of high-order requests (PSBM-44291)
  • Force charge swapin readahead pages if in ub0. (PSBM-44857)
  • Missing bounds check in ipt_entry structure in netfilter. (PSBM-45193, CVE-2016-3134)
  • IPv6 connect could cause DoS via NULL pointer dereference (PSBM-45219, CVE-2015-8543)
  • Pipe buffer state corruption after unsuccessful atomic read from pipe (PSBM-45328, CVE-2016-0774)
  • hostapd was broken in early RHEL6.7 kernels. (OVZ-6649)

[ Change log/downloads... ]

--SergeyB (talk) 05:48, 29 March 2016 (EDT)

Kernel RHEL6 testing 042stab113.21

  • Missing bounds check in ipt_entry structure in netfilter. (PSBM-45193, CVE-2016-3134)
  • IPv6 connect could cause DoS via NULL pointer dereference (PSBM-45219, CVE-2015-8543)
  • Pipe buffer state corruption after unsuccessful atomic read from pipe (PSBM-45328, CVE-2016-0774)
  • hostapd was broken in early RHEL6.7 kernels. (OVZ-6649)

[ Change log/downloads... ]

--SergeyB (talk) 05:47, 29 March 2016 (EDT)

Kernel RHEL6 testing 042stab113.18

  • bonding: Prevent IPv6 link local address on enslaved devices (PSBM-42433)
  • kswap activity restriction in case high-order requests (PSBM-44291)
  • force charge swapin readahead pages if in ub0 (PSBM-44857)

[ Change log/downloads... ]

--SergeyB (talk) 10:22, 14 March 2016 (EDT)

Kernel RHEL6 stable 042stab113.17

  • Crash in restore_one_vfsmount() on restoring shared non-master mounts. (PSBM-42471)
  • Introduced FADV_DEACTIVATE flag in fadvise() to be able to move file pages from the active to the inactive list. (PSBM-42664)
  • Race between keyctl_read() and keyctl_revoke() could crash the host. (PSBM-43799, CVE-2015-7550)
  • Under certain circumstances, backup/restore via CBT interface could hang the host. (PSBM-43936)
  • Second-level quota in simfs containers was broken in 042stab113.x kernels. (OVZ-6655)

[ Change log/downloads... ]

--SergeyB (talk) 06:37, 14 March 2016 (EDT)

Kernel RHEL6 testing 042stab113.17

  • Crash in restore_one_vfsmount() on restoring shared non-master mounts. (PSBM-42471)
  • Introduced FADV_DEACTIVATE flag in fadvise() to be able to move file pages from the active to the inactive list. (PSBM-42664)
  • Race between keyctl_read() and keyctl_revoke() could crash the host. (PSBM-43799, CVE-2015-7550)
  • Under certain circumstances, backup/restore via CBT interface could hang the host. (PSBM-43936)
  • Second-level quota in simfs containers was broken in 042stab113.x kernels. (OVZ-6655)

[ Change log/downloads... ]

--SergeyB (talk) 06:37, 14 March 2016 (EDT)

Kernel RHEL5 stable 028stab120.1

  • Rebase to RHEL5 kernel 2.6.32-408.el5
  • A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality (CVE-2015-5364, CVE-2015-5366)

[ Change log/downloads... ]

--SergeyB (talk) 07:30, 2 February 2016 (EST)

Kernel RHEL5 testing 028stab120.1

  • Rebase to RHEL5 kernel 2.6.32-408.el5
  • A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality (CVE-2015-5364, CVE-2015-5366)

[ Change log/downloads... ]

--SergeyB (talk) 04:30, 25 January 2016 (EST)

Kernel RHEL5 stable 028stab119.6

  • Improved accounting for network-related memory objects (PCLIN-32553)
  • Introduced a per-container limit for the number of mounts (PCLIN-32554)
  • Introduced a per-container limit for IPv4 network interface aliases (PCLIN-32555)

[ Change log/downloads... ]

--SergeyB (talk) 09:25, 3 January 2016 (EST)

Older updates