CentOS 6 ELS kernel v.2.6.32-754.29.3 has been scheduled for gradual rollout

kernel

CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been scheduled for gradual rollout from our production repository.

Rollout slot: 2

Rolled out to: 1%

ETA for 100%: February, 16

Changelog

  • CKSIX-268: futex: Handle faults correctly for PI futexes
  • CKSIX-268: futex: Provide and use pi_state_update_owner()
  • CKSIX-263: KEYS: allow reaching the keys quotas exactly
  • CKSIX-263: KEYS: reaching the keys quotas correctly
  • CKSIX-263: fix -ENOMEM result with invalid user space pointer in
    sendto() syscall
  • CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
  • CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen
    input validation
  • CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to
    ".dead" to prevent user access
  • CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an
    uninstantiated key
  • CKSIX-258: fix CVE-2016-9604
  • CKSIX-258: KEYS: add missing permission check for request_key() destination
  • CKSIX-258: KEYS: prevent KEYCTL_READ on negative key
  • CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
  • CKSIX-258: fix CVE-2017-7472
  • CKSIX-258: fix CVE-2017-15274

Update

yum update kernel*

Immediate update (via bypass)

yum update kernel* --enablerepo=ELS6-rollout-2-bypass

CentOS 6 ELS kernel v.2.6.32-754.29.3 has been scheduled for gradual rollout

kernel

CentOS 6 ELS kernel v.2.6.32-754.29.3.el6 has been scheduled for gradual rollout from our production repository.

Rollout slot: 2

Rolled out to: 1%

ETA for 100%: February, 16

Changelog

  • CKSIX-268: futex: Handle faults correctly for PI futexes
  • CKSIX-268: futex: Provide and use pi_state_update_owner()
  • CKSIX-263: KEYS: allow reaching the keys quotas exactly
  • CKSIX-263: KEYS: reaching the keys quotas correctly
  • CKSIX-263: fix -ENOMEM result with invalid user space pointer in
    sendto() syscall
  • CKSIX-263: CVE-2017-18344: posix-timer: Properly check sigevent->sigev_notify
  • CKSIX-263: CVE-2018-6927: futex: Prevent overflow by strengthen
    input validation
  • CKSIX-258: CVE-2017-6951: KEYS: Change the name of the dead type to
    ".dead" to prevent user access
  • CKSIX-258: CVE-2017-15299: KEYS: don't let add_key() update an
    uninstantiated key
  • CKSIX-258: fix CVE-2016-9604
  • CKSIX-258: KEYS: add missing permission check for request_key() destination
  • CKSIX-258: KEYS: prevent KEYCTL_READ on negative key
  • CKSIX-258: CVE-2017-10661: timerfd: Protect the might cancel mechanism proper
  • CKSIX-258: fix CVE-2017-7472
  • CKSIX-258: fix CVE-2017-15274

Update

yum update kernel*

Immediate update (via bypass)

yum update kernel* --enablerepo=ELS6-rollout-2-bypass

Subscribe to CloudLinux Newsletter

imunify-logo

WEB SERVER SECURITY BLOG